tag:blogger.com,1999:blog-12653202055143099382024-03-05T12:57:24.789+05:30Cloud Devops Automation One stop blog for Aws Cloud, Webservers, Application Servers, Database Servers, Linux Admin, Scripting and Automation.Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.comBlogger380125tag:blogger.com,1999:blog-1265320205514309938.post-52218409447377050882024-01-28T07:26:00.005+05:302024-01-28T07:26:38.965+05:30Mastering Python: A Deep Dive into Iterables, Sequences, and String Manipulation Part4<iframe style="background-image:url(https://i.ytimg.com/vi/L0E06g1sEVs/hqdefault.jpg)" width="680" height="570" src="https://youtube.com/embed/L0E06g1sEVs?si=dw00rYGfXC7hOO3W" frameborder="0"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-18994498308767427322024-01-17T15:15:00.006+05:302024-01-17T15:16:41.880+05:30Mastering Python Fundamentals: Built-in Functions, Keywords, Comments and Lexical Analysis Part-3<iframe frameborder="0" height="570" src="https://youtube.com/embed/ZQE95QuY43Y?si=JdZjfg86jLyVwmD1" style="background-image: url(https://i.ytimg.com/vi/ZQE95QuY43Y/hqdefault.jpg);" width="580"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-64787230295979115192024-01-17T08:34:00.005+05:302024-01-17T08:36:00.829+05:30[Solved] OutofSync issue Argocd after upgrading the KEDA to version 2.12.1<p><b style="font-family: Arial, serif; font-size: 24.31px;">Error:-</b></p><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Recently we updated the Keda version in the kubernetes and since we using Gitops the Argocd start showing outofsync even though keda itself got updated without issue but this warning will keep coming in the Argocd now</div><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipVdbbnVkDxSMoEKYpBzChIEZ12JYyxkJnXF_DGm1CsOlMlUTwTBrKZUjwQ8NDohrThFAHCRqqNjH0NXvVqymSmQNhPIhWiJI8MicpNwIbZpeGjuOC2oHaGQPiWK89vxFaeGItS8jXQK8EDoTwCN0VFRByVwCivoMt87TGwjdT7As4IU7CiBqcgTC7zM4/s1618/Screenshot%202024-01-17%20at%2010.54.33.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="934" data-original-width="1618" height="370" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipVdbbnVkDxSMoEKYpBzChIEZ12JYyxkJnXF_DGm1CsOlMlUTwTBrKZUjwQ8NDohrThFAHCRqqNjH0NXvVqymSmQNhPIhWiJI8MicpNwIbZpeGjuOC2oHaGQPiWK89vxFaeGItS8jXQK8EDoTwCN0VFRByVwCivoMt87TGwjdT7As4IU7CiBqcgTC7zM4/w640-h370/Screenshot%202024-01-17%20at%2010.54.33.png" width="640" /></a></div><br /><span><a name='more'></a></span><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></div><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause:-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">The issue is caused because the default value is false itself but during the swap from true to false, kubectl didn't remove the field, causing an error during the upgrade because KEDA couldn't patch the apiservice. This field will be removed in the future version as its totally not necessary and keda team explitcitly set false.</p><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution :-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">For now there is only a workaround possible, if you want to overcome this issue you can ignoredifference explicitly in the Argocd Config itself as</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br />1. Change the Argocd Application config as</p><pre style="background-attachment: initial; background-clip: initial; background-color: #f0f0f0; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><pre class="c-mrkdwn__pre" data-stringify-type="pre" style="--saf-0: rgba(var(--sk_foreground_low, 29, 28, 29), 0.13); background: rgba(var(--sk_foreground_min, 29, 28, 29), 0.04); border-radius: 4px; border: 1px solid var(--saf-0); box-sizing: inherit; color: #1d1c1d; counter-reset: list-0 0 list-1 0 list-2 0 list-3 0 list-4 0 list-5 0 list-6 0 list-7 0 list-8 0 list-9 0; font-family: Monaco, Menlo, Consolas, "Courier New", monospace; font-variant-ligatures: none; line-height: 1.50001; margin-bottom: 4px; margin-top: 4px; overflow-wrap: break-word; overflow-y: hidden; padding: 8px; tab-size: 4; text-wrap: wrap; word-break: normal;">ignoreDifferences:
- group: apiregistration.k8s.io
kind: APIService
jsonPointers:
- /spec/insecureSkipTLSVerify</pre><div class="p-rich_text_section" style="background-color: #f8f8f8; box-sizing: inherit; color: #1d1c1d; counter-reset: list-0 0 list-1 0 list-2 0 list-3 0 list-4 0 list-5 0 list-6 0 list-7 0 list-8 0 list-9 0; font-family: Slack-Lato, Slack-Fractions, appleLogo, sans-serif; font-size: 15px; font-variant-ligatures: common-ligatures; white-space: normal;"></div></pre>You can add this simply under the spec field in your argocd config.<div><br /></div><div>Also this outofsync won't break any configuration for now and this would be resolved in the future releases for the Keda. So applying this workaround to get over this outofsync issue or not is totally up to you.</div>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-75573411903043398632024-01-13T19:15:00.004+05:302024-01-13T19:15:51.481+05:30"Mastering Python: A Comprehensive Guide to Programming , Web Development, Data Science, Part 2!<iframe width="580" height="670" src="https://youtube.com/embed/M0KC4tlcAFk?si=_T7piizSVUcZgs88" frameborder="0"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-46339536178298865892024-01-12T07:53:00.002+05:302024-01-12T07:53:26.952+05:30Mastering Python: A Guide to Programming Excellence, Web Development, Data Science Series PART 1<iframe frameborder="0" height="470" src="https://youtube.com/embed/nMmIJGguO4o?si=m8dc_IxaXKqBRCMl" style="background-image: url(https://i.ytimg.com/vi/nMmIJGguO4o/hqdefault.jpg);" width="580"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-86590801263458147102023-12-12T08:18:00.004+05:302023-12-12T08:18:34.320+05:30[Solved] Something went wrong when we tried to create 'main' for you: Cannot create branch. The branch name must match this regular expression: (bug|hotfix|feature|release)\/[a-zA-Z0-9]+-[0-9]+-[a-zA-Z0-9-]+/*<p> <b style="font-family: Arial, serif; font-size: 24.31px;">Error:-</b></p><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">While working on a new gitlab repository, when i tried to commit some files into the empty repository it failed with the following error thrown by the pre-receive hook</div><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></div><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;">Something went wrong when we tried to create 'main' for you: Cannot create branch. The branch name must match this regular expression: (bug|hotfix|feature|release|main)\/[a-zA-Z0-9]+-[0-9]+-[a-zA-Z0-9-]+/*<span style="color: #232629; font-family: ui-monospace, "Cascadia Mono", "Segoe UI Mono", "Liberation Mono", Menlo, Monaco, Consolas, monospace;"><span style="text-wrap: wrap;">
</span></span></pre></div><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause:-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">By default Gitlab would restrict the branch name to follow certain standards to make it easier to determine why the branch was created in first place by putting regex like</p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-size: 14.3px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;">(bug|hotfix|feature|release)\/[a-zA-Z0-9]+-[0-9]+-[a-zA-Z0-9-]+/* </pre><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;"><span style="font-size: 14.3px; font-weight: 400;">so when i tried to create the main branch than also it was expecting the above regex to be matched however that was not the case so it throw the above error. </span></h3><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution :-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">It's a good practice to follow naming convention so go ahead and temporarily disable the naming convention in Branch as</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">repository-->Settings--->Repository--->Push rules--->Branch name</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Remove the following values from the Branch name</p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-size: 14.3px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;">(bug|hotfix|feature|release)\/[a-zA-Z0-9]+-[0-9]+-[a-zA-Z0-9-]+/*</pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">After that save push rules</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Once you have created the main branch than go back and again put the value to follow the regex patter while creating branch in your repository</p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-size: 14.3px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;">(bug|hotfix|feature|release)\/[a-zA-Z0-9]+-[0-9]+-[a-zA-Z0-9-]+/*</pre>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-91120990392510893802023-12-12T07:35:00.004+05:302023-12-12T07:35:57.047+05:30[Solved] dial unix .lima/colima/ha.sock: connect: connection refused<p> <b style="font-family: Arial, serif; font-size: 24.31px;">Error:-</b></p><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">I have been using colima instead of the docker desktop for some time. Recently while starting colima got the following error</div><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></div><div style="background-color: white;"><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><span style="color: #232629; font-family: ui-monospace, Cascadia Mono, Segoe UI Mono, Liberation Mono, Menlo, Monaco, Consolas, monospace;"><span style="font-size: 14.3px; text-wrap: wrap;">errors inspecting instance: [failed to get Info from "/Users/ankitmittal/.lima/colima/ha.sock": Get "http://lima-hostagent/v1/info": dial unix /Users/ankitmittal/.lima/colima/ha.sock: connect: connection refused]
</span></span></pre></div><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause:-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">The issue is caused due to the older sock file and colima not able to read from it properly.</p><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span><a name='more'></a></span><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution :-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">To resolve the issue go ahead and stop the colima using limactl and than start again and check status</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br />1. Stop the colima using limactl</p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><code style="overflow-wrap: normal;">ankitmittal@ip-172-168-2-151 ~ % limactl stop -f colima
INFO[0000] The qemu driver process seems already stopped
INFO[0000] Sending SIGKILL to the host agent process 1082
ERRO[0000] operation not permitted
INFO[0000] Removing /Users/ankitmittal/.lima/colima under "*.pid *.sock *.tmp"
INFO[0000] Removing "/Users/ankitmittal/.lima/colima/ga.sock"
INFO[0000] Removing "/Users/ankitmittal/.lima/colima/ha.pid"
INFO[0000] Removing "/Users/ankitmittal/.lima/colima/qmp.sock"
INFO[0000] Removing "/Users/ankitmittal/.lima/colima/serial.sock"
INFO[0000] Removing "/Users/ankitmittal/.lima/colima/serialp.sock"
INFO[0000] Removing "/Users/ankitmittal/.lima/colima/serialv.sock"
INFO[0000] Removing "/Users/ankitmittal/.lima/colima/ssh.sock"</code></pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">2. Start the colima</p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><code style="overflow-wrap: normal;">ankitmittal@ip-172-168-2-151 ~ % colima start<br />INFO[0000] starting colima
INFO[0000] runtime: docker
INFO[0000] preparing network ... context=vm
INFO[0001] starting ... context=vm
INFO[0038] provisioning ... context=docker
INFO[0038] starting ... context=docker
INFO[0044] done</code></pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">3. Check the status of the colima, it should be up and running now</p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><code style="overflow-wrap: normal;">ankitmittal@ip-172-168-2-151 ~ % colima status
INFO[0000] colima is running using QEMU
INFO[0000] arch: aarch64
INFO[0000] runtime: docker
INFO[0000] mountType: sshfs
INFO[0000] socket: unix:///Users/ankitmittal/.colima/default/docker.sock
"Resource": [
"arn:aws:kms:ap-south-1:121294719847:key/e96772364-f678-4589-82aa-396casdafu",
"arn:aws:kms:ap-south-1:121294719847:key/6415234-e778-4355-a224-8f42341234", <br /> "arn:aws:kms:ap-south-1:121294719847:key/077b234-b165-4d5c-be78-a174ad23" <br /> ]
} </code></pre>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-33292549944797339032023-12-05T18:14:00.002+05:302023-12-05T18:14:18.713+05:30Mastering Kubernetes Dynamic Admission Controller| Series part-7 | External Admission Controller<iframe width="680" height="670" src="https://youtube.com/embed/KxNrpTTNpZ0?si=w9fO6Y-l9ydmpQdZ" frameborder="0"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-85392434986846947152023-12-05T18:11:00.004+05:302023-12-05T18:11:27.402+05:30Launching EKS Cluster on AWS 1.28 using EKSCTL in a New AWS Account<iframe frameborder="0" height="660" src="https://youtube.com/embed/ve-5lJb8h2g?si=wSWuZkYQGmAd1b3C" width="680"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-21501868788850528022023-12-04T16:52:00.006+05:302023-12-04T16:52:26.857+05:30[Solved] Error: updating RDS Cluster KMSKeyNotAccessibleFault: The specified KMS key [null] either doesn't exist, isn't enabled, or isn't accessible by the current user. Either specify a different key or access the key with a different user.<p><b> <span style="background-color: white; font-family: Arial, serif; font-size: 24.31px;">Issue:-</span></b></p><p><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">While restoring RDS Cluster from the snapshot i recently came across a issue with the IAM permission because i was not using the Admin permission rather want to stick with the least permission required to get the work done. Thats where i encountered this error</span></p><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></div><div style="background-color: white;"><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><span style="color: #232629; font-family: ui-monospace, Cascadia Mono, Segoe UI Mono, Liberation Mono, Menlo, Monaco, Consolas, monospace;"><span style="font-size: 14.3px; text-wrap: wrap;">Error: updating RDS Cluster KMSKeyNotAccessibleFault: The specified KMS key [null] either doesn't exist, isn't enabled, or isn't accessible by the current user. Either specify a different key or access the key with a different user.
</span></span></pre></div><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause/Solution:-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">The issue is caused because of the missing IAM permission for the KMS Key. For solution to this problem checkout the Cloudtrail for the Event <b>DescribeKey. </b>You should find a event failing for this event to an unknown key. When you will checkout further you will find the key is for the aws/secretsmanager.</p><p style="background-color: white;"><span style="font-family: Arial, serif;"><span style="font-size: 14.3px;">if you select the option <b>ManageMasterUserPassword: true</b> then you not only need to add IAM permissions for <b>secretsmanager:CreateSecret </b>but you also need to add KMS permissions for <b>kms:DescribeKey</b> on the aws/secretsmanager KMS key ID arn.</span></span></p><div>Copy the Arn of the key which is referenced in the Cloudtrail and make an entry in the IAM role you using that should solve your issue.</div><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">In my case AWS Support was not able to figure this out. And they instead point me in wrong direction saying somehow the key was not being passed and its taking value null which is not the case here.</p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;"><br /></h3>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-46590858872904060122023-12-04T12:57:00.004+05:302023-12-04T12:57:33.906+05:30[Solved] KMSKeyNotAccessibleFault: The specified KMS key does not exist, is not enabled or you do not have permissions to access it.<p> <b style="font-family: Arial, serif; font-size: 24.31px;">Error:-</b></p><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">While running the terraform i came across the IAM permission issue which prevented access to the kms key</div><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></div><div style="background-color: white;"><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><span style="color: #232629; font-family: ui-monospace, Cascadia Mono, Segoe UI Mono, Liberation Mono, Menlo, Monaco, Consolas, monospace;"><span style="font-size: 14.3px; text-wrap: wrap;">KMSKeyNotAccessibleFault: The specified KMS key does not exist, is not enabled or you do not have permissions to access it.
</span></span></pre></div><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause:-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">The issue is caused because the IAM role being used by terraform is missing the permission of "kms:CreateGrant"</p><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution :-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">To resolve the issue in the IAM policy please grant the following permission "kms:CreateGrant" to the relevant kms key. that should solve the issue</p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><code style="overflow-wrap: normal;">{
"Action": [
"kms:Sign",
"kms:ReEncrypt*",
"kms:GetPublicKey",
"kms:GenerateDataKey*",
"kms:Encrypt",
"kms:DescribeKey",
"kms:Decrypt",
"kms:CreateGrant"
],
"Effect": "Allow",
"Resource": [
"arn:aws:kms:ap-south-1:121294719847:key/e96772364-f678-4589-82aa-396casdafu",
"arn:aws:kms:ap-south-1:121294719847:key/6415234-e778-4355-a224-8f42341234", <br /> "arn:aws:kms:ap-south-1:121294719847:key/077b234-b165-4d5c-be78-a174ad23" <br /> ]
} </code></pre>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-50250899544402877142023-12-04T12:08:00.006+05:302023-12-04T12:08:57.244+05:30[Solved] * exec: "tfsec": executable file not found in $PATH<p> <b style="font-family: Arial, serif; font-size: 24.31px;">Error:-</b></p><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">While running the terragrunt plan in the Gitlab runner came across the following error</div><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></div><div style="background-color: white;"><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><span style="color: #232629; font-family: ui-monospace, Cascadia Mono, Segoe UI Mono, Liberation Mono, Menlo, Monaco, Consolas, monospace;"><span style="font-size: 14.3px; text-wrap: wrap;">* exec: "tfsec": executable file not found in $PATH
</span></span></pre></div><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause:-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">The issue is caused because the tfsec was not installed in the container image.</p><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution :-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">To install the tfsec simply run the following bash script and it should install the tfsec on your machine</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><span style="color: #232629; font-family: ui-monospace, Cascadia Mono, Segoe UI Mono, Liberation Mono, Menlo, Monaco, Consolas, monospace;"><span style="text-wrap: wrap;">curl -s https://raw.githubusercontent.com/aquasecurity/tfsec/master/scripts/install_linux.sh | bash</span></span></pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-2906854870047813042023-12-03T10:40:00.006+05:302023-12-03T10:41:11.426+05:30Mastering Kubernetes Dynamic Admission Controller | Series Part-4 | Validating Admission Controller<iframe width="680" height="670" src="https://youtube.com/embed/jln29_myvJM?si=0C04EX1Mr99GaNnU" frameborder="0"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-60966949318425303052023-12-03T10:40:00.001+05:302023-12-03T10:40:28.951+05:30Mastering Kubernetes Dynamic Admission Controller | Series Part-3|| Mutating Admission Controller use case<iframe width="680" height="670" src="https://youtube.com/embed/6gF5Yp-7poU?si=XCxAgZGr0LZTO17i" frameborder="0"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-90831968140301164012023-11-28T18:00:00.001+05:302023-11-28T18:00:16.992+05:30Understanding Kubernetes||Dynamic Admission Controller||Series Part-2||Mutating Admission Controller<iframe width="580" height="670" src="https://youtube.com/embed/1HP2dYRADzc?si=lr6t_cpazlVLfGcG" frameborder="0"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-72856434953132513432023-11-28T17:58:00.001+05:302023-11-28T17:58:12.243+05:30Understanding Kubernetes ||Dynamic Admission Controller|| Series Part-1<iframe frameborder="0" height="670" src="https://youtube.com/embed/3LvO_ND1voc?si=N2Jklq6ox9UnCpfc" width="580"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-55136991356262496222023-09-12T10:32:00.006+05:302023-09-12T10:32:40.402+05:30[Solved] Error saving credentials: error storing credentials - err: exec: "docker-credential-desktop": executable file not found in $PATH, out: ``<p> <b style="background-color: white; font-family: Arial, serif; font-size: 24.31px;">Error:-</b></p><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">While building the image on the ubuntu image got the following error</div><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></div><div style="background-color: white;"><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><span style="color: #232629; font-family: ui-monospace, Cascadia Mono, Segoe UI Mono, Liberation Mono, Menlo, Monaco, Consolas, monospace;"><span style="text-wrap: wrap;">Error saving credentials: error storing credentials - err: exec: "docker-credential-desktop": executable file not found in $PATH, out: ``
"credsStore": "desktop",
</span></span></pre></div><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause:-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">The issue is caused because the config file inside the ~/.docker/config.json is using credsStore which should be credStore</p><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span><a name='more'></a></span><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution :-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Removing the extra s in the CredsStore in the file ~/.docker/config.json should solve the problem</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">From</p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><span style="color: #232629; font-family: ui-monospace, Cascadia Mono, Segoe UI Mono, Liberation Mono, Menlo, Monaco, Consolas, monospace;"><span style="text-wrap: wrap;">"credsStore": "desktop",</span></span></pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">To</p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><span style="color: #232629; font-family: ui-monospace, Cascadia Mono, Segoe UI Mono, Liberation Mono, Menlo, Monaco, Consolas, monospace;"><span style="text-wrap: wrap;">"credStore": "desktop",</span></span></pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-88239657636869632772023-08-05T11:41:00.003+05:302023-08-05T11:44:37.042+05:30[Solved] Failed to deploy artifacts: Could not transfer artifact gitlab-maven status code: 401, reason phrase: Unauthorized (401)<p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><span style="font-size: 24.31px;"><b>Error:-</b></span></p><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">While pushing the artifacts jar files to the gitlab project package registry got error Unauthorized (401) as mentioned below</div><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></div><div style="background-color: white;"><pre style="background-attachment: initial; background-clip: initial; background-color: #f0f0f0; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><span face="ui-monospace, Cascadia Mono, Segoe UI Mono, Liberation Mono, Menlo, Monaco, Consolas, monospace" style="color: #232629;"><span style="text-wrap: wrap;">[ERROR] Failed to execute goal:- Failed to deploy artifacts: Could not transfer artifact ExampleApp:jar:1.1 from/to gitlab-maven (https://gitlab-dedicated.com/api/v4/projects/1520/packages/maven): status code: 401, reason phrase: Unauthorized (401) -></span></span></pre></div><div style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></div><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Scenario:-</h3><div>It was a maven project with private runners running and pushing the artifacts to the project package registry. Usually we are able to achieve this without any issue using the deploy token with mvn clean deploy goal in other projects without any issue. But the lately the project was different because it was having the multiple artifacts created via rest api request and using the maven to push to the gitlab package registry due to which we cannot run mvn clean deploy. so instead we end up using the mvn deploy:deploy-file to push the artifacts resulting in the authentication issue even with the deploy token when the deploy token itself is having the permission on the package registry as per the gitlab documentation.</div><div><br /></div><div><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause:-</h3></div><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Even after trying all the tokens not able to push to the gitlab package registry. It was because of how our settings.xml file has been written. If you just pushing the packages directly in package registry you need to follow the following gitlab documentation</p><p style="background-color: white;"><span style="font-family: Arial, serif;"><span style="font-size: 14.3px;">https://docs.gitlab.com/ee/user/packages/maven_repository/</span></span></p><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span><a name='more'></a></span><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution :-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">So the above documentation clearly gives the settings.xml as</p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><code style="overflow-wrap: normal;"> <settings>
<servers>
<server>
<id>gitlab-maven</id>
<configuration>
<httpHeaders>
<property>
<name>REPLACE_WITH_NAME</name>
<value>REPLACE_WITH_TOKEN</value>
</property>
</httpHeaders>
</configuration>
</server>
</servers>
</settings> </code></pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">However if you checkout the name it says REPLACE_WITH_NAME. So if you quickly going through the documentation you will understood it as the username of the token which you would have provided at the time of the deploy token creation. However thats where the fine prints come into the picture as</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><span face=""gitlab sans", -apple-system, "system-ui", "segoe ui", Roboto, "noto sans", Ubuntu, Cantarell, "helvetica neue", sans-serif, "apple color emoji", "segoe ui emoji", "segoe ui symbol", "noto color emoji"" style="background-color: #fafafa; font-size: 16px;">The </span><code class="highlighter-rouge" style="background-color: #f0f0f0; border-radius: 4px; box-sizing: border-box; color: #404040; font-family: "GitLab Mono", "JetBrains Mono", Menlo, "DejaVu Sans Mono", "Liberation Mono", Consolas, "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; font-size: 14px; line-height: 1; overflow-wrap: break-word; padding: 2px; transition: background-color 0.15s linear 0s; word-break: break-word;"><name></code><span face=""gitlab sans", -apple-system, "system-ui", "segoe ui", Roboto, "noto sans", Ubuntu, Cantarell, "helvetica neue", sans-serif, "apple color emoji", "segoe ui emoji", "segoe ui symbol", "noto color emoji"" style="background-color: #fafafa; font-size: 16px;"> field must be named to match the token you chose.</span></p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Even this might skip the checkpoint as name is mentioned but it specifically says that the name should be of deploy-token as</p><table style="background-color: white; border-collapse: collapse; border-spacing: 0px; color: #404040; font-family: "gitlab sans", -apple-system, "system-ui", "segoe ui", Roboto, "noto sans", Ubuntu, Cantarell, "helvetica neue", sans-serif, "apple color emoji", "segoe ui emoji", "segoe ui symbol", "noto color emoji"; font-size: 0.875rem; line-height: 1.5; margin-bottom: 1.5em; margin-top: 1rem; max-width: 100%; overflow: auto; position: relative; table-layout: auto; width: 842px;"><thead style="box-sizing: border-box;"><tr style="border-bottom: 1px solid rgb(240, 240, 240); border-top: 0px; box-sizing: border-box;"><th style="box-sizing: border-box; color: #1f1f1f; line-height: 1.25; padding: 14px; position: sticky; text-align: left; top: 3rem; vertical-align: top; z-index: 1;">Token type</th><th style="box-sizing: border-box; color: #1f1f1f; line-height: 1.25; padding: 14px; position: sticky; text-align: left; top: 3rem; vertical-align: top; z-index: 1;">Name must be</th><th style="box-sizing: border-box; color: #1f1f1f; line-height: 1.25; padding: 14px; position: sticky; text-align: left; top: 3rem; vertical-align: top; z-index: 1;">Token</th></tr></thead><tbody style="box-sizing: border-box;"><tr style="border-top: 1px solid rgb(240, 240, 240); box-sizing: border-box;"><td style="box-sizing: border-box; max-width: 12rem; padding: 1em; vertical-align: top;">Personal access token</td><td style="box-sizing: border-box; max-width: 12rem; padding: 1em; vertical-align: top;"><code class="highlighter-rouge" style="background-color: #f0f0f0; border-radius: 4px; box-sizing: border-box; font-family: "GitLab Mono", "JetBrains Mono", Menlo, "DejaVu Sans Mono", "Liberation Mono", Consolas, "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; font-size: 12.25px; line-height: 1; overflow-wrap: break-word; padding: 2px; transition: background-color 0.15s linear 0s;">Private-Token</code></td><td style="box-sizing: border-box; max-width: 12rem; padding: 1em; vertical-align: top;">Paste token as-is, or define an environment variable to hold the token</td></tr><tr style="border-top: 1px solid rgb(240, 240, 240); box-sizing: border-box;"><td style="box-sizing: border-box; max-width: 12rem; padding: 1em; vertical-align: top;">Deploy token</td><td style="box-sizing: border-box; max-width: 12rem; padding: 1em; vertical-align: top;"><code class="highlighter-rouge" style="background-color: #f0f0f0; border-radius: 4px; box-sizing: border-box; font-family: "GitLab Mono", "JetBrains Mono", Menlo, "DejaVu Sans Mono", "Liberation Mono", Consolas, "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; font-size: 12.25px; line-height: 1; overflow-wrap: break-word; padding: 2px; transition: background-color 0.15s linear 0s;">Deploy-Token</code></td><td style="box-sizing: border-box; max-width: 12rem; padding: 1em; vertical-align: top;">Paste token as-is, or define an environment variable to hold the token</td></tr><tr style="border-bottom: 1px solid rgb(240, 240, 240); border-top: 1px solid rgb(240, 240, 240); box-sizing: border-box;"><td style="box-sizing: border-box; max-width: 12rem; padding: 1em; vertical-align: top;">CI Job token</td><td style="box-sizing: border-box; max-width: 12rem; padding: 1em; vertical-align: top;"><code class="highlighter-rouge" style="background-color: #f0f0f0; border-radius: 4px; box-sizing: border-box; font-family: "GitLab Mono", "JetBrains Mono", Menlo, "DejaVu Sans Mono", "Liberation Mono", Consolas, "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; font-size: 12.25px; line-height: 1; overflow-wrap: break-word; padding: 2px; transition: background-color 0.15s linear 0s;">Job-Token</code></td><td style="box-sizing: border-box; max-width: 12rem; padding: 1em; vertical-align: top;"><code class="highlighter-rouge" style="background-color: #f0f0f0; border-radius: 4px; box-sizing: border-box; font-family: "GitLab Mono", "JetBrains Mono", Menlo, "DejaVu Sans Mono", "Liberation Mono", Consolas, "Ubuntu Mono", "Courier New", "andale mono", "lucida console", monospace; font-size: 12.25px; line-height: 1; overflow-wrap: break-word; padding: 2px; transition: background-color 0.15s linear 0s;">${CI_JOB_TOKEN}</code></td></tr></tbody></table><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">which means you dont have to use the username instead use Deploy-Token. Now once i used the Deploy-Token username than my issue of the 401 unauthorized got resolved and i was able to upload the artifact into the gitlab registry. So finally my settings.xml file looks like this</p><pre style="background-attachment: initial; background-clip: initial; background-color: #f0f0f0; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><code style="overflow-wrap: normal;"> <servers>
<server>
<id>gitlab-maven</id>
<configuration>
<httpHeaders>
<property>
<name>Deploy-Token</name>
<value><deploy-token></value>
</property>
</httpHeaders>
</configuration>
</server>
<profiles>
<profile>
<id>gitlab</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>gitlab-maven</id>
<url>https://gitlab-dedicated.com/api/v4/groups/56789/-/packages/maven</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
</repositories>
</profile>
</profiles>
</settings> </code></pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-62204966993254549202023-07-30T15:22:00.005+05:302023-07-30T15:22:37.578+05:30Simplifying Package Management with AWS CodeArtifact | Part 2: Exploring Artifact Repositories<iframe style="background-image:url(https://i.ytimg.com/vi/ee2F3pK1gIY/hqdefault.jpg)" width="680" height="670" src="https://youtube.com/embed/ee2F3pK1gIY" frameborder="0"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-21166751777602943012023-07-30T15:11:00.001+05:302023-07-30T15:11:24.038+05:30Part-1 AWS CodeArtifact - Simplify Your Package Management with Secure Artifact Repositories<iframe style="background-image:url(https://i.ytimg.com/vi/t4NnqYlxVLo/hqdefault.jpg)" width="680" height="570" src="https://youtube.com/embed/t4NnqYlxVLo" frameborder="0"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-30124492074020002442023-07-30T08:14:00.004+05:302023-07-30T08:14:17.116+05:30Stream Any App Anywhere: Introduction to AWS AppStream<iframe frameborder="0" height="670" src="https://youtube.com/embed/AuTpgZ5kjr4" style="background-image: url(https://i.ytimg.com/vi/AuTpgZ5kjr4/hqdefault.jpg);" width="680"></iframe>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-71066988709572495102023-05-16T09:31:00.009+05:302023-05-16T09:31:52.626+05:30[Solved] Pressing enter produces ^M instead of a newline in the MAC/Linux<p><span style="background-color: white; font-family: Arial, serif; font-size: 24.31px;"><b>Error:-</b></span></p><div>So while working on the Terraform and running terraform apply came across a issue where terraform was asking for the confirmation of yes and after entering yes , the terminal did took it as an Enter rather was printing ^M every time pressed enter. Due to which the terraform apply wont work.</div><div><br /></div><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause:-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">The most likely issue causing this is the stty terminal line setting. To resolve this issue lookout for the solution below.</p><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span><a name='more'></a></span><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution :-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Note:- since you not able to enter in my case, i pressed ctrl+z which move the process in background which resulted in the terraform lock not getting released and further increasing my problem due to which i have to go and unlock the state forcefully.<br /></p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Better way is to go with ctrl+c which prevents the state locking.</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">To resolve this issue try entering the following command</p><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><span style="background-color: #e3e6e8; color: #232629; font-family: ui-monospace, "Cascadia Mono", "Segoe UI Mono", "Liberation Mono", Menlo, Monaco, Consolas, monospace; font-size: 13px; white-space: pre-wrap;">stty sane</span></pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Once you enter this , the problem of Enter printing ^M instead should be solved. </p>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-72471394510240217082023-05-16T09:21:00.004+05:302023-05-16T09:21:39.960+05:30[Solved] 0/111 nodes are available: 111 node(s) had untolerated taint {eks.amazonaws.com/compute-type: fargate}<p>While deploying the application deployment for the gitlab runner recently faced the following error in the EKS Fargate on Amazon AWS</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Error:-</h3><pre style="background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><code style="overflow-wrap: normal;">0/111 nodes are available: 111 node(s) had untolerated taint {eks.amazonaws.com/compute-type: fargate}</code></pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"> </p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause:-</h3><div>So Even though i have sufficient capacity in the EKS still the pod was not getting elected for the deployment in the EKS Fargate cluster. This is because of the missing Fargate profile which enables you to select and differentiate which pods you want to run in fargate and which dont. So you can differentiate between the deployments if you having onpremise or your own eks cluster running on ec2 nodes.</div><div><br /></div><div>In my case i deployed on separate Namespace and each namespace needs to have associated Fargate profile along with the IAM roles for the permissions on the AWS Resources like the ECR for image download. In my case i just created a new NS and done the deployment in the EKS due to which the pods were not allocated to any nodes.</div><span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><a name="more"></a></span><span><a name='more'></a></span><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution :-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">To resolve the above issue go ahead and create a fargate profile as </p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><span style="background-color: #f9f9f9; color: #1d8102; font-family: Monaco, Menlo, Consolas, "Courier Prime", Courier, "Courier New", monospace; font-size: 16px; font-weight: 700; white-space: pre;">eksctl create fargateprofile \
--cluster </span><code class="replaceable" style="background-color: #f9f9f9; color: #d13212; font-family: Monaco, Menlo, Consolas, "Courier Prime", Courier, "Courier New", monospace; font-size: 16px; font-style: italic; font-weight: 700; white-space: pre;"><span style="background-color: unset; font-family: unset;">my</span>-cluster</code><span style="background-color: #f9f9f9; color: #1d8102; font-family: Monaco, Menlo, Consolas, "Courier Prime", Courier, "Courier New", monospace; font-size: 16px; font-weight: 700; white-space: pre;"> \
--name </span><code class="replaceable" style="background-color: #f9f9f9; color: #d13212; font-family: Monaco, Menlo, Consolas, "Courier Prime", Courier, "Courier New", monospace; font-size: 16px; font-style: italic; font-weight: 700; white-space: pre;"><span style="background-color: unset; font-family: unset;">my</span>-fargate-profile</code><span style="background-color: #f9f9f9; color: #1d8102; font-family: Monaco, Menlo, Consolas, "Courier Prime", Courier, "Courier New", monospace; font-size: 16px; font-weight: 700; white-space: pre;"> \
--namespace </span><code class="replaceable" style="background-color: #f9f9f9; color: #d13212; font-family: Monaco, Menlo, Consolas, "Courier Prime", Courier, "Courier New", monospace; font-size: 16px; font-style: italic; font-weight: 700; white-space: pre;">my-kubernetes-<span style="background-color: unset; font-family: unset;">namespace</span></code><span style="background-color: #f9f9f9; color: #1d8102; font-family: Monaco, Menlo, Consolas, "Courier Prime", Courier, "Courier New", monospace; font-size: 16px; font-weight: 700; white-space: pre;"> \
--labels </span><code class="replaceable" style="background-color: #f9f9f9; color: #d13212; font-family: Monaco, Menlo, Consolas, "Courier Prime", Courier, "Courier New", monospace; font-size: 16px; font-style: italic; font-weight: 700; white-space: pre;"><span style="background-color: unset; font-family: unset;">key</span>=value</code></p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">You can checkout the AWS Documentation link for more details on Fargate profile</p><p style="background-color: white;"><span style="font-family: Arial, serif;"><span style="font-size: 14.3px;"><a href="https://docs.aws.amazon.com/eks/latest/userguide/fargate-profile.html">https://docs.aws.amazon.com/eks/latest/userguide/fargate-profile.html</a></span></span></p>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-64313950668111805952023-04-16T13:45:00.004+05:302023-04-16T13:45:44.328+05:30[Solved] Argocd invalid username and password<p> </p><p><span style="font-family: Arial, serif;">After installing the Argocd in kubernetes facing issue during the login to Argocd UI in browser with error invalid username or password <br /></span></p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Error:-</h3><pre style="background-attachment: scroll; background-clip: border-box; background-color: #f0f0f0; background-origin: padding-box; background-position: 0% 0%; background-repeat: repeat; background-size: auto; background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><code style="overflow-wrap: normal;">Invalid username or password<br /></code></pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"> </p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause:-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">MosCt of the places you will find that the initial password for the Argocd is the container name with argocd-server or argocd-server.namespace but by entering both of them you would still go through the same issue and it wont login. Argocd set up a one time password and you wont be able to decode the password which is in secrets manager as that password even dont work.</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Check the solution below<br /></p><span><a name='more'></a></span><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution :-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Argocd sets up a one time password which you will have to get from the Argocd pod itself as<br /></p><pre style="background-attachment: scroll; background-clip: border-box; background-color: #f0f0f0; background-origin: padding-box; background-position: 0% 0%; background-repeat: repeat; background-size: auto; background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><code style="overflow-wrap: normal;">vagrant@vagrant-VirtualBox:~/Desktop$ kubectl exec -n argocd argocd-server-64957744c9-zv72p -- argocd admin initial-password<br />D801LidqTOVXiCGh</code></pre><p style="background-color: white;"><span style="font-family: Arial, serif;">Remember this is the initial password which has been setup and you should go ahead and change this password as</span><br /></p><div><div><pre style="background-attachment: scroll; background-clip: border-box; background-color: #f0f0f0; background-origin: padding-box; background-position: 0% 0%; background-repeat: repeat; background-size: auto; background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><div style="font-family: Times; font-size: medium; white-space: normal;">argocd admin --password string</div></pre></div></div><div></div><div></div><div>This would update the password for the Argocd admin user.<br /><br /></div>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0tag:blogger.com,1999:blog-1265320205514309938.post-19076432968523994612023-04-16T11:34:00.005+05:302023-04-16T11:34:40.753+05:30[Solved] Error: SSL certificate problem: self signed certificate in certificate chain<p> <span style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">While creating a ubuntu machine in vagrant recently faced a issue where the image download failed with a SSL error as mentioned below</span></p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Error:-</h3><pre style="background-attachment: initial; background-clip: initial; background-color: #f0f0f0; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><code style="overflow-wrap: normal;">$ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Box 'krec/ubuntu2004-x64' could not be found. Attempting to find and install...
default: Box Provider: virtualbox
default: Box Version: >= 0
The box 'krec/ubuntu2004-x64' could not be found or
could not be accessed in the remote catalog. If this is a private
box on HashiCorp's Vagrant Cloud, please verify you're logged in via
`vagrant login`. Also, please double-check the name. The expanded
URL and error message are shown below:
URL: ["https://vagrantcloud.com/krec/ubuntu2004-x64"]
Error: SSL certificate problem: self signed certificate in certificate chain</code></pre><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"> </p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Cause:-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">If you're encountering a "self signed certificate in certificate chain" error when using Vagrant, it means that the SSL certificate used by the server you're connecting to is not trusted by your system because it is self-signed or not signed by a trusted authority. This can be a security risk, so there can be 2 cases</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">1. In some cases(testing) it may be acceptable to temporarily disable certificate validation for testing or development purposes.</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">2. you need to use a self-signed certificate for SSL/TLS connections in a production environment, you can add the certificate to the trusted certificates on your system.</p><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">Based on your use case you can implement any of the solution mentioned below</p><span><a name='more'></a></span><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;"><br /></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution 1:-</h3><p style="background-color: white; font-family: Arial, serif; font-size: 14.3px;">To disable certificate validation in Vagrant, you can add the following line anywhere in your Vagrantfile :</p><pre style="background-attachment: initial; background-clip: initial; background-color: #f0f0f0; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><code style="overflow-wrap: normal;">config.vm.box_download_insecure = true</code></pre><p style="background-color: white;"><span style="font-family: Arial, serif;"><span style="font-size: 14.3px;">This will allow Vagrant to download the box file without validating the SSL certificate of the server. Note that this is not recommended for production environments or situations where security is a concern.</span></span></p><p style="background-color: white;"><span style="font-family: Arial, serif;"><span style="font-size: 14.3px;"><br /></span></span></p><h3 style="background-color: white; font-family: Arial, serif; font-size: 24.31px; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px;">Solution 2:-</h3><div><br /></div><div><div>If you need to use a self-signed certificate for SSL/TLS connections in a production environment, you can add the certificate to the trusted certificates on your system. You can do this by following these steps:</div><div><br /></div><div>Export the self-signed certificate from the server you're connecting to. You can usually do this by accessing the server's web interface and exporting the SSL certificate from your browser.</div><div><br /></div><div>Copy the exported certificate to your local machine and save it as a ".crt" file.</div><div><br /></div><div>Open a terminal window and navigate to the directory where you saved the certificate file.</div><div><br /></div><div>Run the following command to add the certificate to the system's trusted certificates:</div><div><br /></div><div><pre style="background-attachment: initial; background-clip: initial; background-color: #f0f0f0; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; background: url("https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEO0D712G5eJw73EM333kfhyvG5FiV4BH7erPNCj6WpsXlYpVOK5jA0ROLMapOAljECVgwvxWy5Xq177slQ-cZoQvnjdmq38F5Siiprs7GzTmSfylmQrIHt_mR-_unVZtwOiwxtYAfv5A/s320/codebg.gif") rgb(240, 240, 240); border: 1px dashed rgb(204, 204, 204); font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; width: 450.844px;"><div style="font-family: Times; font-size: medium; white-space: normal;">sudo cp <certificate-file>.crt /usr/local/share/ca-certificates/</div><div style="font-family: Times; font-size: medium; white-space: normal;">sudo update-ca-certificates</div></pre></div><div>This will copy the certificate file to the system's trusted certificates directory and update the system's certificate store.</div><div><br /></div><div>Once the certificate is added to the system's trusted certificates, you should be able to connect to the server using SSL/TLS without encountering a "self signed certificate in certificate chain" error.</div><div><br /></div><div>Note that the specific steps for adding a certificate to the trusted certificates may vary depending on your system and the server you're connecting to. Be sure to consult the documentation for your system and the server to ensure that you are following the correct procedure.</div></div><div><br /></div>Ankit Mittalhttp://www.blogger.com/profile/11518226723319046678noreply@blogger.com0