ajistyle edited a comment on issue #173:
URL:
https://github.com/apache/apisix-helm-chart/issues/173#issuecomment-964707207
`
```
cp etcd.pem etcd.crt
cp etcd-key.pem etcd-key.key
kubectl create secret tls etcd-ssl-s -n ops \
--cert=/opt/zhuji/helm/apisix/cert/etcd.crt \
--key=/opt/zhuji/helm/apisix/cert/etcd-key.key \
--dry-run -o yaml > etcd-ssl-s.yaml
[root@node201 apisix]# kubectl describe secret/etcd-ssl-s -n ops
Name: etcd-ssl-s
Namespace: ops
Labels: <none>
Annotations:
Type: kubernetes.io/tls
Data
====
tls.crt: 1403 bytes
tls.key: 1675 bytes
```
```
helm install apisix apisix-072/ --namespace ops \
--set etcd.enabled=false \
--set etcd.host={https://192.168.2.202:2379} \
--set etcd.auth.tls.enabled=true \
--set etcd.auth.tls.existingSecret=etcd-ssl-s \
**--set etcd.auth.tls.certFilename=etcd.crt \
--set etcd.auth.tls.certKeyFilename=etcd-key.key**
[root@node201 apisix]# kubectl -n ops logs pod/apisix-f9fbcd99c-lzvfq
/usr/local/openresty/luajit/bin/luajit ./apisix/cli/apisix.lua init
WARNING: using fixed Admin API token has security risk.
Please modify "admin_key" in conf/config.yaml .
/usr/local/openresty/luajit/bin/luajit ./apisix/cli/apisix.lua init_etcd
Warning! Request etcd endpoint 'https://192.168.2.202:2379/version' error,
error loading private key (No such file or directory), retry time=1
request etcd endpoint 'https://192.168.2.202:2379/version' error, error
loading private key (system lib)
Warning! Request etcd endpoint 'https://192.168.2.202:2379/version' error,
error loading private key (system lib), retry time=2
```
`**helm uninstall apisix --namespace ops**`
```
helm install apisix apisix-072/ --namespace ops \
--set etcd.enabled=false \
--set etcd.host={https://192.168.2.202:2379} \
--set etcd.auth.tls.enabled=true \
--set etcd.auth.tls.existingSecret=etcd-ssl-s \
**--set etcd.auth.tls.certFilename=tls.crt \
--set etcd.auth.tls.certKeyFilename=tls.key**
[root@node201 apisix]# kubectl logs pod/apisix-f44c8b9d-kbtqv -n ops
/usr/local/openresty/luajit/bin/luajit ./apisix/cli/apisix.lua init
WARNING: using fixed Admin API token has security risk.
Please modify "admin_key" in conf/config.yaml .
/usr/local/openresty/luajit/bin/luajit ./apisix/cli/apisix.lua init_etcd
Warning! Request etcd endpoint 'https://192.168.2.202:2379/version' error,
certificate verify failed, retry time=1
request etcd endpoint 'https://192.168.2.202:2379/version' error,
certificate verify failed
Warning! Request etcd endpoint 'https://192.168.2.202:2379/version' error,
certificate verify failed, retry time=2
[root@node201 apisix]#
`
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
