ConfigConnector Webhook uses deprecated 'CommonName' field for certificates and cannot be installed in k8s 1.19.x #335
Comments
|
K8s 1.19.x is now built with golang 1.15.0-rc.1. As it says: |
|
Hi @Tonyqu123 , thank you for bringing this to our attention. Just to get more context, are you currently using a GKE cluster? Given this breaking change of disabling the |
|
Yes, we could use a lower version one. By the way, we are not using GKE, but gardener |
|
Ah okay, thank you for the update & being flexible to use a lower versioned cluster. We'll update this thread when we fix the issue with k8s 1.19 compatibility. |
|
This bug should be fixed in Config Connector v1.37.0. Please let us know if you have any other questions. |
Describe the bug
After install the k8s-config-connector on our k8s cluster[version: 1.19.3]. I try to install an sql instance by following the sample yaml. Use the command
kubectl create -f /path/to/sample-sql.yamlError from server (InternalError): error when creating "/Users/i519593/Code/cnrm/tmp/samples/sql.yaml": Internal error occurred: failed calling webhook "annotation-defaulter.cnrm.cloud.google.com": Post "https://cnrm-validating-webhook.cnrm-system.svc:443/annotation-defaulter?timeout=30s": x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0
ConfigConnector Version
1.16.0
To Reproduce
Install a k8s 1.19.x cluster. kubectl create -f /path/to/sample-sql.yaml
YAML snippets:
apiVersion: sql.cnrm.cloud.google.com/v1beta1
kind: SQLInstance
metadata:
name: sqlinstance-sample-mysql
spec:
databaseVersion: MYSQL_5_7
region: us-central1
settings:
tier: db-f1-micro%
The text was updated successfully, but these errors were encountered: