You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[root@server testyaml]# ./examples/nginx-https/tools.sh cleanup
secret "nginxsecret" deleted
configmap "nginxconfigmap" deleted
deployment.apps "nginx-https" deleted
service "nginx-https" deleted
delete https example success!
[root@server testyaml]# ./examples/nginx-https/tools.sh install
Generating RSA private key, 2048 bit long modulus
..............................................................+++
....................................................+++
e is 65537 (0x10001)
Signature ok
subject=/C=CN/ST=Zhejiang/L=Hangzhou/O=KubeEdge/CN=kubeedge.io
Getting Private key
Generating RSA private key, 2048 bit long modulus
.................................+++
...........................................+++
e is 65537 (0x10001)
Signature ok
subject=/C=CN/ST=Zhejiang/L=Hangzhou/O=KubeEdge/CN=my-nginx.com
Getting Private key
Getting CA Private Key
Generating RSA private key, 2048 bit long modulus
........................+++
.......................................................................+++
e is 65537 (0x10001)
Signature ok
subject=/C=CN/ST=Zhejiang/L=Hangzhou/O=KubeEdge/CN=my-nginx.com
Getting Private key
Getting CA Private Key
secret/nginxsecret created
configmap/nginxconfigmap created
deployment.apps/nginx-https created
service/nginx-https created
create https example success!
然后进入容器的内部访问相关服务,无法获得返回结果:
[root@server testyaml]# kubectl exec -it alpine-test -- sh
/ # curl -k --cert client.crt --key client.key https://nginx-https
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to nginx-https:443
/ # curl --cacert rootCA.crt --cert client.crt --key client.key https://my-nginx.com
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to my-nginx.com:443
查看pod,发现pod没有启动
[root@server testyaml]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
alpine-test 1/1 Running 1 (156m ago) 5h56m 10.233.70.217 master <none> <none>
hostname-edge-84cb45ccf4-twlwc 1/1 Running 0 4h18m 172.17.0.3 pi <none> <none>
nginx-https-84c9fc57f8-vdg5n 0/1 CrashLoopBackOff 6 (26s ago) 6m31s 172.17.0.4 pi <none> <none>
websocket-test 1/1 Running 0 5h56m 10.233.70.218 master <none> <none>
查看pod的日志,发现好像是证书的问题?
[root@server testyaml]# kubectl logs nginx-https-84c9fc57f8-vdg5n
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2024/01/25 07:46:11 [emerg] 1#1: unknown directive "ssl" in /etc/nginx/nginx.conf:36
nginx: [emerg] unknown directive "ssl" in /etc/nginx/nginx.conf:36
集群情况:
根据HTTPS测试用例部署服务:
然后进入容器的内部访问相关服务,无法获得返回结果:
查看pod,发现pod没有启动
查看pod的日志,发现好像是证书的问题?
我去了搜索这个问题,但是搜索结果是重新生成nginx的证书,但是我无法进入容器,这种情况应该怎么办?
The text was updated successfully, but these errors were encountered: