Workaround for cert expiration

author Dominic Lunanuova <dgl@research.att.com>

Wed, 8 Apr 2020 21:16:30 +0000 (21:16 +0000)

committer Sylvain Desbureaux <sylvain.desbureaux@orange.com>

Tue, 19 May 2020 13:46:39 +0000 (13:46 +0000)
author Dominic Lunanuova <dgl@research.att.com>
Wed, 8 Apr 2020 21:16:30 +0000 (21:16 +0000)
committer Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Tue, 19 May 2020 13:46:39 +0000 (13:46 +0000)
diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml

index 52c5566..df823b5 100644 (file)
--- a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml
@@ -32,8 +32,17 @@ spec:
          env:
          - name: DELAY
            value: "0"
+# hack explanation:
+# since the dmaap-bc SSL certificate is expired in this release, we
+# pass the -k flag to ignore the cert check error.
+# AFAIK, this post-install script is the only client which actually
+# uses https (against dmaap-bc API) in El Alto Release.
+# So, this workaround is the easiest way out for me.
+# Also note that the only reason to even deploy dmaap-bc is if you
+# need authenticated topics in message-router, or a feed in data-router.
+# If that is not your case, then don't even deploy dmaap-bc.
          - name: PROTO
-          value: "https"
+          value: "-k https"
          - name: PORT
            value: "8443"
          - name: REQUESTID
author	Dominic Lunanuova <dgl@research.att.com>
	Wed, 8 Apr 2020 21:16:30 +0000 (21:16 +0000)
committer	Sylvain Desbureaux <sylvain.desbureaux@orange.com>
	Tue, 19 May 2020 13:46:39 +0000 (13:46 +0000)