Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add HTTPS Certificate to prombench.prometheus.io #777

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

Vandit1604
Copy link
Contributor

Fixes #724

This PR aims to add an HTTPS certificate for prombench.prometheus.io using Cert-Manager and Let's Encrypt. Testing the setup locally has proven challenging. Here’s a summary of the modifications and approaches tried so far:

  • Updated the Nginx Service type to NodePort from LoadBalancer for easier local access.
  • Changed the Prometheus Service type to ClusterIP with Ingress managing external access.
  • Configured the Ingress resource to handle TLS with the prombench-prometheus-tls secret for HTTPS.
  • Modified /etc/hosts to map prombench.prometheus.io to 127.0.0.1 but it worked when I mapped it to Node IP and add the Host in the header when testing to
  • Successfully triggered and verified the ACME HTTP-01 challenge by adding the node IP to /etc/hosts, but the challenge does not get solved automatically with the manifest setup.

I’d appreciate any guidance on how to test this locally. The Issue was because of DNS since after mapping in /etc/hosts I was able to solve the challenge(Tested via curl)
If there's a better way to test this locally. Please let me know.
Thank you!

@Vandit1604
Copy link
Contributor Author

Does this PR require some changes?
Let me know if it does.

gentle ping @bboreham

@kakkoyun kakkoyun requested a review from bboreham November 28, 2024 13:05
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: [email protected]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe an email Prometheus specific?

Copy link
Contributor Author

@Vandit1604 Vandit1604 Nov 28, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Whose email should I put here? I added mine when I was testing locally.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add https certificate for http://prombench.prometheus.io/
2 participants