Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

`--skip-verify` flag does not work on `microk8s join`

See original GitHub issue

When running the microk8s join command, it is possible to bypass certificate validation using the --skip-verify command. However, since PR https://github.com/ubuntu/microk8s/pull/1263, this does not appear to work as intended.

If a sha hash is present in the server connection, ex: microk8s join 192.168.50.4:25000/70cd002331e153d402d815fd21304237, the --skip-verify argument is ignored!

It appears that the verify variable is overwritten in the if block on line 944 (see https://github.com/ubuntu/microk8s/blob/master/scripts/cluster/join.py#L944). It appears that this check for the sha hash ignores the current state of verify.

I’m not sure if this is intended behavior or not, but it’s definitely misleading.

Inspection: inspection-report-20210712_014812.tar.gz

Issue Analytics

  • State:open
  • Created 2 years ago
  • Comments:8 (4 by maintainers)

github_iconTop GitHub Comments

3reactions
thomascrowleycommented, Feb 26, 2022

Hi @ktsakalozos, I am seeing the same behaviour but, I have a verification fingerprint in my connection string and the --skip-verify flag is still being ignored.

root@node1:~# microk8s join 10.0.2.15:25000/03d93cc55b5cf0e30a4f386dbe1f2a55/a70a064112d3
Contacting cluster at 10.0.2.15
Joining cluster failed. Could not verify the identity of 10.0.2.15. Use '--skip-verify' to skip server certificate check.
root@node1:~# microk8s join --skip-verify 10.0.2.15:25000/03d93cc55b5cf0e30a4f386dbe1f2a55/a70a064112d3
Contacting cluster at 10.0.2.15
Joining cluster failed. Could not verify the identity of 10.0.2.15. Use '--skip-verify' to skip server certificate check.
root@node1:~#
0reactions
neoaggeloscommented, Oct 4, 2022

@smandalika You should run this command inside the Multipass VM where microk8s is running:

multipass shell microk8s-vm

# inside the vm
sudo snap restart microk8s
Read more comments on GitHub >

github_iconTop Results From Across the Web

`--skip-verify` flag does not work on `microk8s join` · Issue #2420
When running the microk8s join command, it is possible to bypass certificate validation using the --skip-verify command. However, since PR #1263, this does ......
Read more >
Command reference - MicroK8s
This command enables the dashboard add-on if is not already enabled, ... --skip-verify : Skip the certificate verification of the node we are...
Read more >
Create a MicroK8s cluster
The MicroK8s instance on which this command is run will be the master of the ... '--worker' flag to join a node as...
Read more >
Troubleshooting - MicroK8s
Ensure the hostname of your machine name does not contain capital letters or underscores. Kubernetes normalizes the machine name causing its registration to ......
Read more >
High Availability (HA) - MicroK8s
It may take a few minutes to successfully join. Repeat this process (generate a token, run it from the joining node) for the...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

microk8s doesn't seem to work on raspberry pi 3 or 4 devices

Next page

Problem to execute microk8s CLI MacOs BigSur 11.4