Uploaded image for project: 'Service Broker Enterprise Edition'
  1. Service Broker Enterprise Edition
  2. SBEE-19

Testing Couchbase Service Broker with modified TLS Certs.

    XMLWordPrintable

Details

    • Task
    • Resolution: Fixed
    • Minor
    • None
    • None
    • testing
    • 1

    Description

      https://issues.couchbase.com/browse/K8S-1639 captures all the steps to setup and run couchbase server with couchbase service broker.

      However it's one part of the process. The other part requires testing it with non-default namespace. We will also be testing the upgrade of CAO from 2.0->2.1 with Service Broker.

      Going by https://issues.couchbase.com/browse/SBEE-4 , we need to create DAC and TLS Certificates in non-default namespace.

      I was able to generate DAC in non-default namespace.

      Prateeks-MacBook-Pro:couchbase-service-broker-kubernetes prateekkumar$ kubectl get deployments -n catalog
      		 
      NAME                                 READY   UP-TO-DATE   AVAILABLE   AGE
      		 
      catalog-catalog-controller-manager   1/1     1            1           3m11s
      		 
      catalog-catalog-webhook              1/1     1            1           3m11s
      		 
      couchbase-operator-admission         1/1     1            1           4m50s
      		 
      couchbase-service-broker             1/1     1            1           50s

      The next step requires installing clusterservicebroker in non-default namespace, executing which gave error:

      Prateeks-MacBook-Pro:couchbase-service-broker-kubernetes prateekkumar$ kubectl get clusterservicebrokers -n catalog
      		 
      NAME                       URL                                            STATUS                 AGE
      		 
      couchbase-service-broker   https://couchbase-service-broker.default.svc   ErrorFetchingCatalog   15s

      and 

      Error fetching catalog.Error getting broker catalog: Get https://couchbase-service-broker.catalog.svc/v2/catalog: x509: certificate is valid for couchbase-service-broker.default.svc, not couchbase-service-broker.catalog.svc

      This is expected since we did not generate TLS certs for catalog namespace.

      New TLS Certificates were not generated because latest DAC package of CAO 2.1.0 was applied and it already has modified DNS.

      https://issues.couchbase.com/browse/K8S-1701 explains the way out of it and am currently trying to implement the solution on my local. 

      The TLS issue once resolved will solve the upgrade testing scenario of Service Broker from CAO 2.0.2 -> 2.1.0 + non-default namespace scenario

      Syncing up with Simon on 11/23 (Monday) to resolve and close out this issue. All other scenarios have been tested according to the test plan.

      Attachments

        Issue Links

          blocks

          Task - A task that needs to be done. K8S-1639 Service Broker testing

          • Major - Major loss of function.
          • Resolved
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              prateek.kumar Prateek Kumar (Inactive)
              prateek.kumar Prateek Kumar (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty