https://signoz.io logo
#support
TLS handshake failures with self-hosted Signoz
# support
r

Rudi MK

02/02/2024, 6:14 AM
Hey folks. I've set up Signoz twice - once with EKS and nginx-ingress-4.6.1 and cert-manager-1.12.3, and then with K3s on AWS with nginx-ingress-4.3.0 and cert-manager-1.9.1(the versions bundled with the signoz chart). I've provisioned certificates via LetsEncrypt and exposed the collector endpoint publicly - but the
k8s-infra
agent deployment seems unable to push data. Keeps failing with a handshake error:
2024-02-02T05:37:36.132Z        info    exporterhelper/retry_sender.go:177      Exporting failed. Will retry the request after interval.        {"kind": "exporter", "data_type": "metrics", "name": "otlp", "error": "rpc error: code = Unavailable desc = connection error: desc = \"transport: authentication handshake failed: remote error: tls: handshake failure\"", "interval": "5.08956352s"}
. I can confirm that in both clusters, ingress and TLS work fine(since the Signoz frontend's also deployed and is easily accessible. I've tried adding the contents of
tls.crt
and
tls.key
from the certificate
Secret
on the SIgnoz cluster, to the Helm values for
k8s-infra
with the
otelTlsSecrets
block.
Actually managed to figure this out - I'd accidentally included
https://
in the ingestion endpoint. Works like a charm now.
3 Views