fix: change puppet compilers to use HTTP for internal puppetdb connections
This resolves SSL certificate verification failures preventing puppetdb access - Update OPENVOXDB_SERVER_URLS from https://puppetdb:8081 to http://puppetdb:8080 - External access to puppetdb will still use HTTPS via ingress - Internal cluster communication does not require encryption
This commit is contained in:
@@ -12,7 +12,7 @@ metadata:
|
||||
data:
|
||||
OPENVOXSERVER_PORT: "8140"
|
||||
DNS_ALT_NAMES: "puppetserver-compiler-0,puppetserver-compiler-1,puppetserver-compiler-2,puppetserver-compiler-3,puppetserver-compiler-4,puppet,puppet.k8s.syd1.au.unkin.net"
|
||||
OPENVOXDB_SERVER_URLS: "https://puppetdb:8081"
|
||||
OPENVOXDB_SERVER_URLS: "http://puppetdb:8080"
|
||||
CA_ENABLED: "false"
|
||||
CA_HOSTNAME: "puppetca"
|
||||
CA_PORT: "8140"
|
||||
|
||||
@@ -13,6 +13,6 @@ data:
|
||||
OPENVOXSERVER_HOSTNAME: "puppet"
|
||||
OPENVOXSERVER_PORT: "8140"
|
||||
DNS_ALT_NAMES: "puppet,puppetserver-agents-to-puppet,puppetca,puppet-headless,puppetca.k8s.syd1.au.unkin.net,puppet.k8s.syd1.au.unkin.net"
|
||||
OPENVOXDB_SERVER_URLS: "https://puppetdb:8081"
|
||||
OPENVOXDB_SERVER_URLS: "http://puppetdb:8080"
|
||||
CA_ALLOW_SUBJECT_ALT_NAMES: "true"
|
||||
PUPPETSERVER_JAVA_ARGS: "-Xms1024m -Xmx3072m -Dcom.sun.management.jmxremote.port=31000 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false"
|
||||
|
||||
@@ -23,6 +23,6 @@ spec:
|
||||
service:
|
||||
name: puppetdb
|
||||
port:
|
||||
number: 8081
|
||||
number: 8080
|
||||
path: /
|
||||
pathType: Prefix
|
||||
|
||||
@@ -52,7 +52,7 @@ spec:
|
||||
- name: DNS_ALT_NAMES
|
||||
value: puppetserver-compiler-0,puppetserver-compiler-1,puppetserver-compiler-2,puppetserver-compiler-3,puppetserver-compiler-4,puppet-headless,puppet,puppet.k8s.syd1.au.unkin.net
|
||||
- name: OPENVOXDB_SERVER_URLS
|
||||
value: https://puppetdb:8081
|
||||
value: http://puppetdb:8080
|
||||
- name: CA_ENABLED
|
||||
value: "false"
|
||||
- name: CA_HOSTNAME
|
||||
|
||||
Reference in New Issue
Block a user