Hi,
I installed vault and consul with their certs (Running Vault and Consul on Kubernetes | TestDriven.io), which all works great but there is a problem of getting metrics from vault when https is enabled!
Naimely, I want to srape the vaults endpoint (v1/sys/metrics) to get some vaules, but I constantly get the error from prometheus that the “cert is valid for 127.0.0.1 not 10.42.2.96”. The endpoint works when I try to curl it from vault itself (it works with 172.0.01), but when I try to scrape that endpoint from outside I get the mentioned error.
So, in theory this should work if I set the IP of the vault server in the SAN of the cert, but what happens when the IP of the vault podschanges?? I’m open to any suggestion’s.
Tnx,
Tom