MongoDB Kubernetes Operator

Mohamed_Tarek · 2021-06-16T02:10:12.471Z

We deployed MongoDB Kubernetes Operator and the opsmanager on openshift 4.7 and they are working fine but once we are trying to deploy the mongoDB we are getting below error

{“logType”:“agent-launcher-script”,“contents”:“Using Kubernetes CA file”}
{“logType”:“agent-launcher-script”,“contents”:“Created symlink: /data/journal → /journal”}
{“logType”:“agent-launcher-script”,“contents”:“Downloading a Mongodb Agent from https://ops-manager-dev-svc-mtx-db-dev.apps.com}
{“logType”:“agent-launcher-script”,“contents”:“Error while downloading the Mongodb agent”}
{“logType”:“agent-launcher-script”,“contents”:”* Trying 10.27.137.46…“}
{“logType”:“agent-launcher-script”,“contents”:”* TCP_NODELAY set"}
{“logType”:“agent-launcher-script”,“contents”:“* Connected to ops-manager-dev-svc-mtx-db-dev.apps.com (10.27.137.46) port 443 (#0)”}
{“logType”:“agent-launcher-script”,“contents”:“* ALPN, offering h2”}
{“logType”:“agent-launcher-script”,“contents”:“* ALPN, offering http/1.1”}
{“logType”:“agent-launcher-script”,“contents”:“* successfully set certificate verify locations:”}
{“logType”:“agent-launcher-script”,“contents”:“* CAfile: /etc/pki/tls/certs/ca-bundle.crt”}
{“logType”:“agent-launcher-script”,“contents”:" CApath: none"}
{“logType”:“agent-launcher-script”,“contents”:“} [5 bytes data]”}
{“logType”:“agent-launcher-script”,“contents”:“* TLSv1.3 (OUT), TLS handshake, Client hello (1):”}
{“logType”:“agent-launcher-script”,“contents”:“} [512 bytes data]”}
{“logType”:“agent-launcher-script”,“contents”:“* TLSv1.3 (IN), TLS handshake, Server hello (2):”}
{“logType”:“agent-launcher-script”,“contents”:“{ [122 bytes data]”}
{“logType”:“agent-launcher-script”,“contents”:“* TLSv1.3 (IN), TLS handshake, [no content] (0):”}
{“logType”:“agent-launcher-script”,“contents”:“{ [1 bytes data]”}
{“logType”:“agent-launcher-script”,“contents”:“* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):”}
{“logType”:“agent-launcher-script”,“contents”:“{ [10 bytes data]”}
{“logType”:“agent-launcher-script”,“contents”:“* TLSv1.3 (IN), TLS handshake, [no content] (0):”}
{“logType”:“agent-launcher-script”,“contents”:“* TLSv1.3 (IN), TLS handshake, Certificate (11):”}
{“logType”:“agent-launcher-script”,“contents”:“{ [1416 bytes data]”}
{“logType”:“agent-launcher-script”,“contents”:“* TLSv1.3 (OUT), TLS alert, unknown CA (560):”}
{“logType”:“agent-launcher-script”,“contents”:“} [2 bytes data]”}
{“logType”:“agent-launcher-script”,“contents”:“* SSL certificate problem: self signed certificate”}
{“logType”:“agent-launcher-script”,“contents”:“* Closing connection 0”}

JM_Neo · 2023-11-30T07:03:12.437Z

Hi,

I have been trying to disable SSL validation for a week. Couldn’t find any documentation regarding this.
May I know if there are any resolution to this?

My ops manager is HTTPS using custom CA through an nginx ingress controller. Thanks in advance.

John_Vonplutzner · 2024-02-27T17:07:36.907Z

Hey JM_Neo!

I’m working with trying to troubleshoot a TLS deployment of OPS Manager in Openshift without much joy. I was wondering if you had experienced this, and decided to back off SSL? In theory there is a bug associated with this type of deployment.

My experience is that once you go down the SSL/TLS path you cannot just remove the TLS from the yamls configs and it comes up cleanly for user auth/SCRAM authentication.

Cheers,

John
FEMA