Securely access kcp running in a pod.
ramessesii2 opened this issue · 0 comments
ramessesii2 commented
Right now
$ KUBECONFIG=$kcp_config kubectl api-resources
NAME SHORTNAMES APIVERSION NAMESPACED KIND
Unable to connect to the server: x509: certificate is valid for localhost, not ckcp-ckcp.apps.hacbs-build-08.hosted.upshift.rdu2.redhat.com
where ckcp-ckcp.apps.hacbs-build-08.hosted.upshift.rdu2.redhat.com is the route address.
To fix it, we've to add the flag --insecure-skip-tls-verify=true which is clearly not ideal.
Resources
- https://github.com/kcp-dev/kcp/blob/main/cmd/kcp-front-proxy/main.go#L66-L70
- https://gitlab.cee.redhat.com/kcp/shared-resources/-/tree/main/front-proxy-manifests
Related to
Issue #48