Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error while disabling TLS in server, setting secure-port = 0 throws error #637

Open
cerberus20 opened this issue Jan 24, 2024 · 3 comments
Open

Error while disabling TLS in server, setting secure-port = 0 throws error #637

cerberus20 opened this issue Jan 24, 2024 · 3 comments
Assignees
@dgrisonnet
Labels
kind/bug Categorizes issue or PR as related to a bug. triage/accepted Indicates an issue or PR is ready to be actively worked on.

Comments

@cerberus20
Copy link

cerberus20 commented Jan 24, 2024
edited
Loading

What happened?:
We are trying to disable TLS on prom-adapter server so that it listens on plaintext http port. We want istio sidecar to manage TLS. But when settting secure-port=0, we get error:

F0124 08:10:49.144671 1 config.go:541] cannot derive external address port without listening on a secure port.

What did you expect to happen?:
We expected that setting secure-port = 0 will disable TLS on prom adapter server. As per documentation,
--secure-port int The port on which to serve HTTPS with authentication and authorization. If 0, don't serve HTTPS at all. (default 443)

Please provide the prometheus-adapter config:

prometheus-adapter config 
  - args:
    - --secure-port=0
    - --logtostderr=true
    - --log_dir=/home/sfdc
    - --log_file=adapter.log
    - --prometheus-url=http://localhost:20001
    - --prometheus-verb=POST
    - --metrics-relist-interval=1m
    - --v=20
    - --config=/etc/adapter/config.yaml
    - --metrics-max-age=15m

Please provide the HPA resource used for autoscaling:

HPA yaml

Please provide the HPA status:

Please provide the prometheus-adapter logs with -v=6 around the time the issue happened:

prometheus-adapter logs │ I0124 08:10:49.144412 1 requestheader_controller.go:244] Loaded a new request header values for RequestHeaderAuthRequestController │ │ F0124 08:10:49.144671 1 config.go:541] cannot derive external address port without listening on a secure port.

Anything else we need to know?:

Environment:

  • prometheus-adapter version: 0.10.0
  • prometheus version:
  • Kubernetes version (use kubectl version): Client -> v1.23.17 Server-> v1.24.17
  • Cloud provider or hardware configuration:
  • Other info:
@cerberus20 cerberus20 added the kind/bug Categorizes issue or PR as related to a bug. label Jan 24, 2024
@k8s-ci-robot k8s-ci-robot added the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Jan 24, 2024
@cerberus20
Copy link
Author

Hi @dgrisonnet , can you please help here? Thank you

@dgrisonnet
Copy link
Member

/triage accepted
/assign

@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jan 25, 2024
@osca-mwongera
Copy link

Hello, I encountered the same issue. I am deploying the registry.k8s.io/prometheus-adapter/prometheus-adapter:v0.11.2 image without TLS certificates on Kubernetes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dgrisonnet dgrisonnet

Labels
kind/bug Categorizes issue or PR as related to a bug. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@osca-mwongera @k8s-ci-robot @dgrisonnet @cerberus20