I am trying to connect the Python-Arango library to an application. I have set up the ArangoDB on Kubernetes nodes using this tutorial. My yaml file for the cluster is like this:
---
apiVersion: "database.arangodb.com/v1alpha"
kind: "ArangoDeployment"
metadata:
name: "arango-cluster"
spec:
mode: Cluster
image: arangodb/arangodb:3.7.6
tls:
caSecretName: arango-cluster-ca
agents:
storageClassName: my-local-storage
resources:
requests:
storage: 2Gi
dbservers:
storageClassName: my-local-storage
resources:
requests:
storage: 17Gi
externalAccess:
type: NodePort
nodePort: 31200
Setup seems fine, since I am able to access the web UI as well as through Arango shell. However, when I am using the python-arango library to connect my application to the DB, I am getting a certificate related error:
Max retries exceeded with url: /_db/testDB/_api/document/demo/10010605 (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),))
When doing kubectl get secrets
, I see arango-cluster-ca
there, which I have explicitly mentioned in the YAML file above. I have also set the verification flag in the python code False as follows
db = client.db(name='testDB', verify=False, username='root', password='')
Yet, it does not bypass the verification as expected.
I would like to understand what I could have missed - either during setup, or in the Python call - which is not letting me bypass this SSL certificate error issue, or if it's possible to set the certificate up. I tried this Arango tutorial to setup a certificate, but it did not give me success.
Thanks.
The only workaround I was able to figure out was to opt for the unsecured route. Instead of having
arango-cluster-ca
in thespec.tls.caSecretName
field of arango cluster config file, I set the field toNone
. It allowed me to connect with http without any issues.Would still like to know if there is some workaround to get it connected via https, so I am still open to answers, else I would close this.