Hello,
I am trying to generate Minikube Kubernetes cluster certificate defined in the certificate-authority on my minikube server.
I was able to generate certificates defined in client-certificate and client-key ~/.kube/config file using openssl with the command (openssl pkcs12 -passout pass: -export -out /tmp/client.pfx -in ~/.minikube/client.crt -inkey ~/.minikube/client.key)
Please how do I generate the Minikube Kubernetes cluster certificate defined in the certificate-authority on my minikube server?
You actually don’t need to generate that certificate.
If you look at the minikube configuration file in ~/.kube/config, you will see the spot where it defines the location of that certificate. This certificate was generated when installing Minikube itself. Here is an example:
Hello Jeremy,
Please find the error below when I tried connecting to my minikube cluster from Octopus Deploy without the certificate authority is there something that i’m missing?
Since the issue of the cert doesn’t appear to be an issue any more as the error is pointing to a connectivity problem, I am reproducing the configuration as outlined in the docs to make sure I have all the moving parts and can trace where you are seeing the issue exactly.
This will take some time and I will report back when I have a fully working environment and can trace the step you are having issues with.
Taking a look at your screenshot, it looks like your minikube cluster is setup with a local IP address. For that to work, you will need to install a worker on the local network that can access that IP address to do the work on the cluster.
Dear Jeremy,
But local IP Address was also used in your tutorial that was sent to you.
Right now, all I need are the steps required to run a full CI/CD pipeline from Teamcity to Kubernetes through octopus deploy. I have searched everywhere on the internet but didn’t get anything.
The guide you linked outlines using a local version of Octopus Deploy and MSSQL. If you want to use the cloud version of Octopus and follow along, you will need to create a dedicated worker on your network where you are hosting minikube so that it will have access to it and use that as part of your process. The dynamic workers won’t have access to your local network.
Thank you Jeremy, my minikube is running on GCP. I also used the public IP Address of the GCP on octopus deploy but it still shows the error message. Do you suggest I install the worker on GCP as well and try again?
I believe that will likely mitigate networking issues. If you use Listening tentacles you will have to do some networking to open that up to the Octopus cloud. Polling will require less work.
You could potentially look at the logs of your GCP network firewall to see which rules are failing. To get the IP range of your octopus cloud you will need to login to www.octopus.com, click your profile in the upper right then control center, then click into your cloud instance, then click configuration on the left.