Comments (7)
Same issue here; running on macOS with vagrant-virtualbox.
I tracked this down in the tink-docker container where you can find this:
{"level":"info","ts":1651047221.0680003,"caller":"cmd/root.go:45"
*msg": "starting","service":"github.com/tinkerbell/tink","version": "2h87714"}
Error: worker Finished with error: failed to get workflow context: rpc error:
code = Unavailable desc = connection error:
desc = "transport: authentication handshake failed: x509: certificate signed
by unknown authority"
Usage:
tink-worker [flags]
<more usage() stripped>
I tried several permutations in /etc/docker/certs.d - to no avail. Debugging certs via calling that directly, so from
the hook getty shell:
ctr -n services.linuxkit task exec -t --exec-id testit docker sh
docker login ...
docker run 192.168.56.4/tink-worker -i 1 -r 192.168.56.4 -u admin -p Admin1234 --tinkerbell-grpc-authority 192.168.56.4:42113
Also tried by storing the presented server cert on 192.168.56.4:443 in /etc/docker/certs.d under 192.168.56.4 and 192.168.56.4:443 to no avail.
from hook.
ok, this is gRPC and has nothing along docker certs. the ca.pem
needs to be added to the tink-worker container FS (/etc/ssl/certs/ca-certificates.crt or extra /etc/ssl/certs/myveryca.pem -- both work).
Fiddling on how to build such an image....
from hook.
fallout from tinkerbell/tink#584
from hook.
fallout from tinkerbell/tink#584
Caused by that PR, or resolved by it?
from hook.
Caused.. I was able to rollback the image hashes used in the sandbox and there it works. More bits of diagnose and blister help in this issue tinkerbell/playground#133
from hook.
Hey @ylxxwx, quite a bit of change to Hook since you reported this. Mind trying with the latest commit?
from hook.
Please reopen if the issue still exists in the latest hook, thanks.
from hook.
Related Issues (20)
- Wrong /dev/null permission making ubuntu jammy deployment impossible HOT 6
- how to recoginze the lvm on my disk HOT 2
- changes to `kernel/` directory require `validation` check
- add lvm2 package into kernel Dockerfile, lead to failure of kernel build HOT 1
- Make deterministic device paths available
- Hook dynamic runtime driver support HOT 1
- git tag "latest" behaves in a mutable way. HOT 1
- Hook doesn't create required files/folder for docker trusted certificates HOT 2
- [Feature Request] Let the user choose which architecture to build HOT 1
- Include the checksums as a release artifact
- include a version file in Hook
- How to enable docker insecure-registries on OSIE HOT 1
- Possible Bug In VLAN parsing HOT 2
- Ability to signal host shutdown HOT 1
- ARM64 server gets stuck on "bpfilter write fail: -32" when activating Linuxkit (Alpine) HOT 1
- ARM64 server gets stuck on "bpfilter write fail: -32" when activating Linuxkit (Alpine). HOT 11
- `/dev/disk/by-id` not populated HOT 1
- KConfig_amd64 uses arm64 architecture instead HOT 1
- reproducible build concern HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hook.