Reputation: 15544
How to properly launch an OpenShift v3 app
As I am trying to launch a sample OpenShift v 3 (Docker/Kubernetes) app with this command:
_output/local/go/bin/osc create -f examples/hello-openshift/hello-pod.json
I am getting this error:
Post https://localhost:8443/api/v1beta2/pods?namespace=default: x509: certificate signed by unknown authority
which is also confirmed by this message:
http: TLS handshake error from 127.0.0.1:58393: remote error: bad certificate
What adjustments do I need to make in order to make this work?
Upvotes: 0
Views: 984
Answers (1)
Reputation: 3316
OpenShift (on startup) generates a root self-signed certificate and a set of client certificates. The client is trying to talk to the server, but getting rejected because the client is loading certs from the root CA.
You can set the KUBECONFIG= environment variable and pass the path of the admin .kubeconfig file (by default, typically $(pwd)/openshift.local.certificates/admin/.kubeconfig.
You can also pass --insecure-skip-tls-verify when you invoke osc, but running with certificates will be more secure by default and once authorization is added, you'll be identified by the client cert that is bundled with that .kubeconfig.
Upvotes: 2
Related Questions
- Openshift new-app not working for dockerfile
- Init container in openshift
- Error on OpenShift when trying to use Dockerfile
- Openshift new-app from local Docker image
- Problems creating OpenShift app using Dockerfile (with oc new-app)
- Issue in deploying a simple docker image to openshift
- Running a docker image in Openshift Origin
- openshift v3 pod file not found
- Adding docker container to running OpenShift pod
- How to launch a new docker container from inside a docker container on openshift