I’m trying to automate process of provisioning the cluster, instead of manually generated, I use cert manager.
I’m getting curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to echoserver.testing:443 error with curl
My full config with kind, cert-manager etc. can be found here GitHub - adimentech/mlops
Service related config
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: selfsigned
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: echoserver
spec:
commonName: echoserver.testing
secretName: echoserver-certs
privateKey:
algorithm: ECDSA
size: 256
issuerRef:
name: selfsigned
kind: ClusterIssuer
group: cert-manager.io
dnsNames:
- echoserver.testing
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: echoserver
spec:
selector:
istio: ingressgateway # use istio default ingress gateway
servers:
- port:
number: 443
name: https
protocol: HTTPS
tls:
mode: SIMPLE
credentialName: echoserver-certs # must be the same as secret
hosts:
- echoserver.testing
- port:
number: 80
name: http
protocol: HTTP
hosts:
- echoserver.testing
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: echoserver
spec:
hosts:
- "echoserver.testing"
gateways:
- echoserver
http:
- route:
- destination:
host: echoserver
---
apiVersion: v1
kind: Service
metadata:
name: echoserver
namespace: default
spec:
ports:
- port: 80
name: http
targetPort: 8080
protocol: TCP
type: ClusterIP
selector:
app: echoserver
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: echoserver
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: echoserver
template:
metadata:
labels:
app: echoserver
spec:
containers:
- image: jmalloc/echo-server
imagePullPolicy: IfNotPresent
name: echoserver
resources:
requests:
memory: "32Mi"
cpu: "0.05"
limits:
memory: "64Mi"
cpu: "0.10"
ports:
- containerPort: 8080
HTTP calls work fine, HTTPS cals doesn’t work.
Any ideas where I didn’t something wrong? Spent days on that with no results…