Kong migration job fails for SSL. When I specify KONG_PG_SSL as “true”, it says field is immutable.
$ k logs pod/kong-migrations-wq4d6 -n apigateway
Error: [PostgreSQL error] failed to retrieve server_version_num: FATAL: SSL connection is required. Please specify SSL options and retry.
Run with --v (verbose) or --vv (debug) for more details
Where do you specify it?
Please make sure that you specify the field before you apply the above manifest.
Also, it might be happening that the migration Job already exists, in which case, please delete it first from your k8s cluster and then apply the update manifest.
It would be nice if you could PR this change of turning SSL on by default for Postgres and Kong communication.
But Yes you are right. Job was already there and they with SSL field I was applying manifest.
I used kubectl apply --force to make it work
I am not sure if we should PR this, my Postgres has SSL On, but may be not case with everyone. Rather we can add few lines in documentation. What do you think?
Did you have to configure anything in Kong or Postgres deployment other than changing values of environment values? If not, then we can include this in the default deployment for a little more secure and sane deployment.
If yes, then we should let users decide what is best for them.
Please send the Pull Request against kong/kubernetes-ingress-controller repository.
You have opened up Pull Requests against the fork itself, meaning you will merge in the changes in your copy of the code only.