# If you encounter "SSL certification error (subject name does not match the host name)", you may try to set DOCKER_VERNEMQ_KUBERNETES_INSECURE to "1".
insecure=""
if env | grep"DOCKER_VERNEMQ_KUBERNETES_INSECURE"-q;then
insecure="--insecure"
if env | grep-q"DOCKER_VERNEMQ_TRADE_CONSISTENCY=on";then
sed -i.bak -r"s/VerneMQ@.+/VerneMQ@${VERNEMQ_KUBERNETES_HOSTNAME}/" /vernemq/etc/vm.args
# Hack into K8S DNS resolution (temporarily)
kube_pod_names=$(curl -X GET $insecure--cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt https://kubernetes.default.svc.$DOCKER_VERNEMQ_KUBERNETES_CLUSTER_NAME/api/v1/namespaces/$DOCKER_VERNEMQ_KUBERNETES_NAMESPACE/pods?labelSelector=$DOCKER_VERNEMQ_KUBERNETES_LABEL_SELECTOR-H"Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" | jq '.items[].spec.hostname' | sed 's/"//g' | tr '\n'' ')
for kube_pod_name in$kube_pod_names;do
if[$kube_pod_name=="null"];then
echo"Kubernetes discovery selected, but no pods found. Maybe we're the first?"
echo"Anyway, we won't attempt to join any cluster."
break
fi
if[$kube_pod_name!=$MY_POD_NAME];then
echo"Will join an existing Kubernetes cluster with discovery node at ${kube_pod_name}.${VERNEMQ_KUBERNETES_SUBDOMAIN}.${DOCKER_VERNEMQ_KUBERNETES_NAMESPACE}.svc.${DOCKER_VERNEMQ_KUBERNETES_CLUSTER_NAME}"