-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Mounting Custom CAs on Controller #260
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
Today: It is possible to mount custom CAs on the W&B application, but not the controller itself. Customers like Continental have SSL interceptors between Kubernetes and the internet and need custom CAs on everything that talks to the internet. Contacting deploy.wandb.ai therefore fails.
Expectation: Custom CAs can be mounted to the controller pod in the same way that they can be mounted to the application.
Marc-Steffen Kaesz
August 14, 2024 at 5:00 AM
Edited
As a workaround:
We created a config map with the CA via:
kubectl create configmap custom-ca-pemstore --from-file=ContinentalCorporateITSecurity-ContinentalAG.crt
We edited the deployment manually to unblock them:
Controller is based on gcr.io/distroless/static-debian11. We cannot mount the bundle in the same way as on wandb-app as the update-ca-certificates command is not available.
The text was updated successfully, but these errors were encountered: