-
Notifications
You must be signed in to change notification settings - Fork 740
is static tls configuration currently supported? #1962
Comments
I assume it is due to this TLS error:
#1384 seems related. |
Confirmed. etcd 3.1.15 works correctly, anything newer fails as above. |
etcd-io/etcd#8268 is related as well. |
Also relevant: Looks like there has been some pretty intense thrashing around how to manage this from 3.2 on. Not quite clear how to satisfy the constraints defined in that document (yet). |
etcd-io/etcd#8534 also documents this. At this point I believe a simple statefulset will be easier to manage. I want to love the idea of operators but, as of today they seem like an abstraction too far. If anyone else finds themselves here, you might appreciate: |
#1323 This is what is missing. Once this is fixed then you can probably use it. |
Following up to say that this persisted while using etcd directly. The underlying issue was the fact that my cluster's DNS server (coredns) wasn't configured to handle reverse dns lookups for the pod CIDR. etcd-io/etcd#8803 is also relevant to this issue. |
I am running v0.9.2 in "cluster-wide" mode.
Manifest: (works perfectly if TLS is commented out)
PKI:
tls.tar.gz
Resulting state:
Logs for etcd-zltrqxjgdr
Logs for etcd-zl7vxqvgjl:
The text was updated successfully, but these errors were encountered: