Hi team, i have been trying a lot but unable to ov...
# troubleshootw
white-horse-97256
03/10/2023, 3:29 AMHi team, i have been trying a lot but unable to overcome
Caused by: <http://javax.net|javax.net>.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Copy code
- name: ELASTICSEARCH_HOST
value: "{{ .Values.global.elasticsearch.host }}"
- name: ELASTICSEARCH_PORT
value: "{{ .Values.global.elasticsearch.port }}"
- name: SKIP_ELASTICSEARCH_CHECK
value: "{{ .Values.global.elasticsearch.skipcheck }}"
{{- with .Values.global.elasticsearch.useSSL }}
- name: ELASTICSEARCH_USE_SSL
value: {{ . | quote }}
{{- end }}
{{- with .Values.global.elasticsearch.auth }}
- name: ELASTICSEARCH_USERNAME
value: {{ .username }}
- name: ELASTICSEARCH_PASSWORD
{{- if .password.value }}
value: {{ .password.value | quote }}
{{- else }}
valueFrom:
secretKeyRef:
name: "{{ .password.secretRef }}"
key: "{{ .password.secretKey }}"
{{- end }}
{{- end }}
- name: ELASTICSEARCH_SSL_PROTOCOL
value: "{{ .Values.elastic.protocol }}"
- name: ELASTICSEARCH_SSL_TRUSTSTORE_FILE
value: "{{ .Values.elastic.truststore }}"
- name: ELASTICSEARCH_SSL_TRUSTSTORE_TYPE
value: "{{ .Values.elastic.trustType }}"
- name: ELASTICSEARCH_SSL_TRUSTSTORE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.elastic.secretEnv.secretRef }}
key: {{ .Values.elastic.secretEnv.secretKey }}
- name: ELASTICSEARCH_SSL_KEYSTORE_FILE
value: "{{ .Values.elastic.keystore }}"
- name: ELASTICSEARCH_SSL_KEYSTORE_TYPE
value: "{{ .Values.elastic.trustType }}"
- name: ELASTICSEARCH_SSL_KEYSTORE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.elastic.secretEnv.secretRef }}
key: {{ .Values.elastic.secretEnv.secretKey }}d
delightful-ram-75848
03/10/2023, 7:28 AM@dazzling-judge-80093 Any ideas here? 🙂
In the meantime, have you checked out this thread? https://datahubspace.slack.com/archives/C029A3M079U/p1638571201168700?thread_ts=1638560041.147600&cid=C029A3M079U
w
white-horse-97256
03/10/2023, 5:39 PMHi @delightful-ram-75848, i looked into it but was not helpful! Do we need to configure the java env variables inside the pod with keystore/truststore certs or do we have to pass the these values as above via helm chart?
white-horse-97256
03/10/2023, 6:52 PMI see these values are being set in datahub-gms https://github.com/datahub-project/datahub/blob/4e250cbd51d27dcde0b74eaee3bf48b922[…]5/metadata-service/factories/src/main/resources/application.yml, but not in datahub-upgrade
white-horse-97256
03/10/2023, 6:53 PMI am facing this issue in datahub-system-upgrade
a
astonishing-answer-96712
03/17/2023, 4:41 PMyou may need to make the same files available to the system upgrade container
b
best-midnight-2857
04/05/2023, 12:03 PM@astonishing-answer-96712 @white-horse-97256 i am currently stuck at the same point. were you guys able to sort this out? any hints?
a
aloof-gpu-11378
04/07/2023, 8:59 PMCould you provide a few more details? What’s your deployment method and what version are you on?
b
best-midnight-2857
04/08/2023, 9:33 AMi’m deploying into an eks-cluster on aws. datahub is on v0.10.0 and elastic (v7.17.3) is deployed via the prerequisites-chart (v0.0.14) into the cluster. i’m creating a self-signed key/truststore via cert-manager, set the env-variables and mounted the files into system-upgrade, frontend, elasticsetup & backend/gms.
a
aloof-gpu-11378
04/12/2023, 6:35 PM@dazzling-yak-93039 might be able to help here- I’d also see if adding the fingerprint arg to the recipe might help https://datahubproject.io/docs/generated/ingestion/sources/elasticsearch/#config-details
5 Views