PEM files have been added to awx-task and awx-web pods and have been verified as working.
I have an EE stored on a server that uses our in-house certificate authority. When “automation-job-xxxx” attempts to pull this image it fails with x509: certificate signed by unknown authority.
So it looks like the automation-job pod needs the certificate defining (or the awx-bundle-cacert needs mounting)
Any ideas how I can configure this?
Thanks.
While there are parts of AWX where you need to provide it with your internal root CA, the image pulls are executed at the hypervisor level (the kubernetes platform, or the host if you have execution nodes). This means your minikube cluster doesn’t trust your internal CA.
You are absolutely correct - thank you. I just applied the fix 5 minutes ago.
I had to put the PRM file under ~/.minikube/certs and restart minikube using:
minikube start --embed-certs
I tried to apply it in the minikube container directly then apply update-ca-certificates but I couldn’t get it to work.