X509 Errors in Kubernetes

What is Kubernetes?

Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation. It has a large, rapidly growing ecosystem. Kubernetes services, support, and tools are widely available. With the release of Docker images for Sitecore 10, I was excited to try a full Azure Kubernetes deployment. After setting up a local docker environment to test things out, I provisioned an Azure AKS instance and uploaded the various service Yaml files.

However, when trying to load Sitecore images in Azure Kubernetes Services, I kept running into this error:

ERROR: Get https://scr.sitecore.com/v2/: x509: certificate signed by unknown authority

When setting up your AKS service, you define a windows cluster, but the default management cluster runs Linux. Kubernetes is trying to launch the Sitecore services on the Linux cluster, and cert validation fails. To fix this, be sure to include the following in your Yaml configs:

     spec:
nodeSelector:
"beta.kubernetes.io/os": windows

This will tell Kubernetes to use a windows cluster, and everything should work perfectly