help needed : OpenStack cinder https certificate

[olivierBlanc]

Hello,
When trying to connect cinder to OpenStack tenant, I have a self-signed certificate problem (x509: certificate signed by unknown authority)
Is there a way to give the cinder driver, through the configuration, a ca-file to bypass this problem ?
Regards,
Olivier

[sushanthakumar]

@olivierBlanc , Can you elaborate a bit on your scenario. Are you using openstack which is integrated with soda projects?

[olivierBlanc]

Hi,

Yes, I am using OpenStack integrated with Soda Project.

So my infrastructure is IaaS with Openstack. I installed a Kubernetes v1.20.2 on this infra and I want to be able to access OpenStack volumes from my Pods in RWM mode.
To do so, I moved to SODA.

For my problem, I tried to move on and I modified the cinder.go file in contrib/drivers/openstack to add a parameter CAPEM read from cinder.yaml configuration file.
I pass this info to gophercloud/gophercloud/openstack/client.go AthenticatedClient function. I modified that function too, to initiate an http client transport aware of the RootCA to use.

From now on I bypassed the self-certificate problem that I had.
I'm still going on to check other problems that I have with my configuration file.
Let me know if I need to provide more infos, code or whatever.