endpoints-runtime:2.9.0 : Invalid path: /etc/nginx/ssl/nginx.crt
20 views
Skip to first unread message
Manish Jain
May 28, 2020, 6:02:02 AM5/28/20
to Google Cloud Endpoints
Hello All,
Can someone help me with below error in esp 2.9.0.
error : Invalid path: /etc/nginx/ssl/nginx.crt
D0528 09:59:44.279 20 envoy] [20][misc][external/envoy/source/common/filesystem/posix/filesystem_impl.cc:139] Unable to determine canonical path for /etc/nginx/ssl/nginx.crt: No such file or directory
D0528 09:59:44.279 20 envoy] [20][init][external/envoy/source/common/init/watcher_impl.cc:27] Listener-local-init-watcher https_listener destroyed
D0528 09:59:44.279 20 envoy] [20][init][external/envoy/source/common/init/watcher_impl.cc:27] init manager Listener-local-init-manager https_listener 8284282472387698601 destroyed
D0528 09:59:44.279 20 envoy] [20][init][external/envoy/source/common/init/target_impl.cc:32] target Listener-init-target https_listener destroyed
D0528 09:59:44.279 20 envoy] [20][config][external/envoy/source/common/config/grpc_mux_impl.cc:106] Resuming discovery requests for type.googleapis.com/envoy.api.v2.RouteConfiguration
W0528 09:59:44.279 20 envoy] [20][config][external/envoy/source/common/config/grpc_subscription_impl.cc:101] gRPC config for type.googleapis.com/envoy.api.v2.Listener rejected: Error adding/updating listener(s) https_listener: Invalid path: /etc/nginx/ssl/nginx.crt
container def:
`containers:
- name: espimage: gcr.io/endpoints-release/endpoints-runtime:2.9.0
imagePullPolicy: Always
args: [
"--http_port", "8080",
"--ssl_port", "443",
"--backend", "127.0.0.1:8081",
"--service", "customer-data.endpoints.pj-nessie-dev.cloud.goog",
"--rollout_strategy", "managed",
"--dns", "169.254.169.254",
"--service_account_key", "/var/secrets/esp/esp-test-key.json",
"enable_debug"
]
ports:
- containerPort: 8080
protocol: TCP
volumeMounts:
- mountPath: /var/secrets/esp
name: service-account-creds
]
ports:
- containerPort: 8080
protocol: TCP
volumeMounts:
- mountPath: /var/secrets/esp
name: service-account-creds
readOnly: true`
Jilin Xia
May 28, 2020, 11:54:57 AM5/28/20
to Manish Jain, Google Cloud Endpoints
You also need to mount the path for your server certificate.
Besides, if you use ESPv2, it is better to update your flags for TLS, although the legacy ESPv1 flags should still work.
For details about ESPv2 flags, please refer to https://github.com/GoogleCloudPlatform/esp-v2/blob/master/docker/generic/start_proxy.py.
--
You received this message because you are subscribed to the Google Groups "Google Cloud Endpoints" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-endp...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-endpoints/8e610be0-eb54-4fec-b71d-b9abd5379de4n%40googlegroups.com.
Jilin Xia Senior Software Engineer |
Reply all
Reply to author
Forward
0 new messages