/var/lib/origin/openshift.local.config/master/master-config.yaml
Which responds with the below cURL:etcdClientInfo:ca: ca.crtcertFile: master.etcd-client.crtkeyFile: master.etcd-client.keyurls:
curl https://10.2.2.2:4001/metrics --cacert ./ca.crt --cert ./master.etcd-client.crt --key ./master.etcd-client.keySo without the "Identity" configuration section set on the agent config, i'd get a TLS error. As etcd is a core part of OCP, I don't have much control over the client certs and expect there might be other services which require the same setup using different certs that i might want to monitor.
> Currently it seems you can only provide the agent configmap with the identity
> field. But what i want to actually do, is provide this based on the pods
> config map>
> [chomp]
> Is that possible? or planned for the future?
I was hoping this wasn't going to be needed :) But we did talk about it.
It is not possible today because there is one major problem with what you suggest that would need to be solved somehow:
> cert_file: /var/run/secrets/client-crt/client.crt
> private_key_file: /var/run/secrets/client-key/client.key
That is inside your configmap on your OpenShift project (which may or may not be the same project where the agent is deployed).
So - what file system is that actually referring to? And how does the agent get access to those files?
_______________________________________________
hawkular-dev mailing list
hawkular-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/hawkular-dev