k8s Module: Unable to escape SSL_Cert error calling nodes.

[Boa Ah]

Team, My playbook is below and unable to get rid of the cert.

```

      - name: Fetch all deployments

        set_fact:

          deployments: "{{ lookup('k8s', kind='Deployment') }}"

          kubeconfig: $WORKSPACE

      - name: Fetch all Nodes with Module

        k8s:

         service: "{{ lookup('k8s', kind='Node') }}"

        #validate_certs: no

       verify_ssl: no

      kubeconfig: $WORKSPACE

```

any hint?

TASK [3_validations_on_ssh : Fetch all deployments] ********************************************************************************************************************

2019-10-18 14:31:42,409 WARNING Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)'),)': /apis/apps/v1/deployments

2019-10-18 14:31:42,430 WARNING Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)'),)': /apis/apps/v1/deployments

2019-10-18 14:31:42,447 WARNING Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)'),)': /apis/apps/v1/deployments

fatal: [target1]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'k8s'. Error was a <class 'urllib3.exceptions.MaxRetryError'>, original message: HTTPSConnectionPool(host='maglev-dev0-sjc4.nonprod-nvkong.com', port=443): Max retries exceeded with url: /apis/apps/v1/deployments (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)'),))"}

[Dick Visser]

I assume you want to get rid of the cert errors and not of the cert itself.  According to 

https://docs.ansible.com/ansible/latest/plugins/lookup/k8s.html you should use the ‘validate_certs’ option.

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2a4961a7-a380-4967-a7da-0695e63f6749%40googlegroups.com.

--

Sent from a mobile device - please excuse the brevity, spelling and punctuation.