profile
viewpoint

Ask questionsFeature request: detailed error when certificates have expired

<!-- If you need help or think you have found a bug, please help us with your issue by entering the following information (otherwise you can delete this text): -->

Output of helm version: Client: &version.Version{SemVer:"v2.14.1", GitCommit:"5270352a09c7e8b6e8c9593002a73535276507c0", GitTreeState:"clean"} Server: &version.Version{SemVer:"v2.14.1", GitCommit:"5270352a09c7e8b6e8c9593002a73535276507c0", GitTreeState:"clean"}

Output of kubectl version: Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.7", GitCommit:"4683545293d792934a7a7e12f2cc47d20b2dd01b", GitTreeState:"clean", BuildDate:"2019-06-06T01:46:52Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"darwin/amd64"} Server Version: version.Info{Major:"1", Minor:"13+", GitVersion:"v1.13.6-gke.13", GitCommit:"fcbc1d20b6bca1936c0317743055ac75aef608ce", GitTreeState:"clean", BuildDate:"2019-06-19T20:50:07Z", GoVersion:"go1.11.5b4", Compiler:"gc", Platform:"linux/amd64"}

Cloud Provider/Platform (AKS, GKE, Minikube etc.): GKE

Bug:

Our helm/tiller is set up with tls verification. We found that all of a sudden, with no change to kubectl or helm versions, all our helm upgrades were hanging until they timed out with "context deadline exceeded". This also affected helm ls, helm version, etc.

It took us a lot of digging around without much help to realize that the certificates might have just expired. After that we did a helm init --upgrade ... with the new certs and it worked.

Some detailed error outputs would have saved many hours of grief.

helm/helm

Answer questions technosophos

Turns out that this is all hidden deep inside of Kubernetes' client-go package. I can't find anywhere were we could hook in and detect this condition. I think that later versions of client-go might have fixed the hanging behavior. But a change to SSL certificate handling needs to be made in client-go, not Helm.

So I am marking this as closed/won't fix.

useful!
source:https://uonfu.com/
answerer
Matt Butcher technosophos @microsoft @azure Boulder, CO http://technosophos.com Creator of Helm, Glide, CNAB, Brigade, & PHP HTML5 parser. Authored "Go In Practice", "Illustrated Children's Guide to Kubernetes", and 7 other books. Ph.D.
Github User Rank List