Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

opencost: tls failed to verify certificate x509 certificate signed by unknown authority #162

Closed
rabahbrahami opened this issue Dec 29, 2023 · 6 comments
Closed

opencost: tls failed to verify certificate x509 certificate signed by unknown authority #162

rabahbrahami opened this issue Dec 29, 2023 · 6 comments
Labels
Stale

Comments

@rabahbrahami
Copy link

rabahbrahami commented Dec 29, 2023
edited
Loading

I encounter a problem with the configuration of opencost with the configuration of a prometheus external which is exposed in http or https, I tried with http but there is a redirection to https which is done automatically.

  prometheus:
    external:
      # -- Use external Prometheus (eg. Grafana Cloud)
      enabled: true
      # -- External Prometheus url
      url: "http://prometheus.....com"
    internal:
      enabled: false

Error:

tls: failed to verify certificate: x509: certificate signed by unknown authority'

The only solution is to have the possibility to put InsecureSkipVerify in input as an environment variable since for the moment the values cannot be overloaded.
@mattray
Copy link
Collaborator

mattray commented Jan 11, 2024

Do you have a proposed solution you'd like to see in the Helm chart? I'm sure we'd merge a proper PR.

@charalamm
Copy link

charalamm commented Jan 16, 2024
edited
Loading

Please note that I am new to kubernetes so I dont know if there are side effects to this possible solution
For me it got solved when I deleted prometheus-grafana-kube-pr-admission validating webhook config. Of course it might be a different webhook in your case.

@joyartoun
Copy link

joyartoun commented Apr 20, 2024
edited
Loading

We are also experiencing a problem with this. We are using a custom signed certificate in openshift (where prometheus is exposed via a openshift route), there is a way to inject the CA into a pod/container but the problem is that the helm chart seems to only have the variable extraVolumes, opencost.exporter.extraVolumeMounts and opencost.ui.extraVolumeMounts, thus, no way to add volume mounts for the opencost container specifically.

EDIT: just realized that the opencost.exporter.extraVolumeMount can actually be used to add volumemounts, maybe should rename the value or create a new one

@mattray
Copy link
Collaborator

mattray commented Apr 22, 2024

@joyartoun I'm not sure I follow, do you have a fix for the initial issue that just requires better documentation of an existing variable?

@github-actions GitHub Actions
Copy link

This issue has been marked as stale because it has been open for 180 days with no activity. Please remove the stale label or comment or this issue will be closed in 5 days.

@github-actions github-actions bot added the Stale label Oct 20, 2024
@github-actions GitHub Actions
Copy link

This issue was closed because it has been inactive for 185 days with no activity.

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Oct 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mattray @joyartoun @charalamm @rabahbrahami