Andreas Martens

oh, oh, OH YEAH! ``` securityContext: capabilities: add: ["CHOWN", "DAC_OVERRIDE","FOWNER","SETFCAP","SETGID","SETUID"] ``` @thurcombe thanks! I guess I *should* try those one at a time to get a minimal set

Yep, We have a corporate internal CA with an intermediate CA under it. I've configured the nginx ingress with the full chain of server->intemediate->root. I can connect with openssl s_client:...

bump, any comment? Does grpc look for trust anchors in a different place?

Ahh, so you're saying that gRPC doesn't use a global trust anchor with trusted root certs, but the root certificate needs to be passed down by the caller (i.e. Milvus...

yes I see, I'll do a little more digging (it's been a little while since I played with this, so my memory might be failing me). What I was hoping...

But I don't have docker, this is running on a remote kubernetes instance.

Thanks Mikkel, cool, that's helpful... I guess I *should* be able to make an OpenSSL based on quite trivially too! cheers, Andreas