Doesn't appear to be working - TLS bad certificate #28
Description
I just deployed this into my kubernetes cluster that is running k3s 1.26.1 and calico cni 3.25 with ebpf/dsr
Helm values
controllers:
image:
repository: quay.io/enix/kube-image-keeper
proxy:
image:
repository: quay.io/enix/kube-image-keeper
registry:
image:
repository: public.ecr.aws/docker/library/registry
persistence:
enabled: true
storageClass: ceph-filesystem
size: 20Gi
Resources
❯ k get po -n kube-system | rg kube-
kube-image-keeper-0 1/1 Running 0 39m
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 1/1 Running 0 39m
kube-image-keeper-controllers-6ddc99bfb9-vrv4h 1/1 Running 0 39m
kube-image-keeper-proxy-8hszk 1/1 Running 0 39m
kube-image-keeper-proxy-9p2cw 1/1 Running 0 39m
kube-image-keeper-proxy-gzdvx 1/1 Running 0 39m
kube-image-keeper-proxy-l64nh 1/1 Running 0 39m
kube-image-keeper-proxy-ntrt8 1/1 Running 0 39m
kube-image-keeper-proxy-r62cf 1/1 Running 0 39m
❯ k get cachedimages -A
No resources found
❯ k get certificates -A
NAMESPACE NAME READY SECRET AGE
kube-system kuik-serving-cert True webhook-server-certLogs
I notice when I try to restart any pod or deploy a new one these errors happen..
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:05:07.813Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:05:07.814Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:06:15.900Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:06:15.901Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023/02/03 14:06:47 http: TLS handshake error from 192.168.42.12:34158: remote error: tls: bad certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:07:32.832Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:07:32.832Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023/02/03 14:07:50 http: TLS handshake error from 192.168.42.12:52718: remote error: tls: bad certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:08:52.861Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:08:52.862Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:09:58.798Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:09:58.799Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:11:08.860Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:11:08.861Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:12:20.916Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:12:20.917Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:13:22.915Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:13:22.915Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:14:31.927Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:14:31.928Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:15:54.815Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:15:54.816Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023/02/03 14:17:15 http: TLS handshake error from 192.168.42.12:45374: remote error: tls: bad certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023/02/03 14:17:15 http: TLS handshake error from 192.168.42.12:45384: remote error: tls: bad certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023/02/03 14:17:16 http: TLS handshake error from 192.168.42.12:45390: remote error: tls: bad certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023/02/03 14:17:16 http: TLS handshake error from 192.168.42.12:45398: remote error: tls: bad certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:17:16.856Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:17:16.856Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023/02/03 14:17:49 http: TLS handshake error from 192.168.42.12:47174: remote error: tls: bad certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023/02/03 14:17:49 http: TLS handshake error from 192.168.42.12:47176: remote error: tls: bad certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:18:19.858Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:18:19.858Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:19:42.904Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:19:42.904Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:20:59.841Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:20:59.842Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-vrv4h cache-manager 2023/02/03 14:21:40 http: TLS handshake error from 192.168.42.11:41622: remote error: tls: bad certificate
kube-image-keeper-controllers-6ddc99bfb9-vrv4h cache-manager 2023-02-03T14:21:45.054Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-vrv4h cache-manager 2023-02-03T14:21:45.054Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:22:15.854Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:22:15.855Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-vrv4h cache-manager 2023-02-03T14:23:12.017Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-vrv4h cache-manager 2023-02-03T14:23:12.018Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:23:33.792Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:23:33.793Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023/02/03 14:23:42 http: TLS handshake error from 192.168.42.11:46590: remote error: tls: bad certificate
kube-image-keeper-controllers-6ddc99bfb9-vrv4h cache-manager 2023-02-03T14:24:21.961Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-vrv4h cache-manager 2023-02-03T14:24:21.961Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:24:43.812Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:24:43.813Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-vrv4h cache-manager 2023-02-03T14:25:31.030Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-vrv4h cache-manager 2023-02-03T14:25:31.031Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:26:10.861Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:26:10.861Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-0 kube-image-keeper time="2023-02-03T14:26:16.098319022Z" level=info msg="PurgeUploads starting: olderThan=2023-01-27 14:26:16.098137541 +0000 UTC m=-603059.989528036, actuallyDelete=true"
kube-image-keeper-0 kube-image-keeper time="2023-02-03T14:26:16.098560456Z" level=info msg="Purge uploads finished. Num deleted=0, num errors=0"
kube-image-keeper-0 kube-image-keeper time="2023-02-03T14:26:16.098602693Z" level=info msg="Starting upload purge in 24h0m0s" go.version=go1.16.15 instance.id=4ef434ec-57d5-4cda-b732-c77407757e00 service=registry version="v2.8.1+unknown"
kube-image-keeper-controllers-6ddc99bfb9-vrv4h cache-manager 2023-02-03T14:26:38.059Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-vrv4h cache-manager 2023-02-03T14:26:38.059Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:27:16.814Z INFO controller-runtime.certwatcher Updated current TLS certificate
kube-image-keeper-controllers-6ddc99bfb9-7c2t4 cache-manager 2023-02-03T14:27:16.814Z INFO controller-runtime.certwatcher Updated current TLS certificate
Let me know if there's any other information you need.