[BUG] Can't apply blueprint cause webhook can't be reached #1292
Comments
|
Hi @muffl0n, |
|
I can reproduce this on every try. |
|
Are there any relevant logs in the operator? |
|
None I found so far. Is there any method to pump up the logging? |
|
Should be able to use the |
|
I see what the issue is - you have to add additional firewall rules to allow traffic between your private GKE apiserver and the Kanister webhooks. See https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#add_firewall_rules. |
|
You are right! Thank you very much! I recall having a similar problem with "Config Connector": GoogleCloudPlatform/k8s-config-connector#423 Is there a special reason why Kanister uses 9443 and not 443? Notice: It's the port of the pod/endpoint, not the service's one. Edit: Default changed to 9443 some time ago: kubernetes-sigs/controller-runtime#1076 |
|
9443 is the default port used in the |
|
Thanks for the clarification! I added a section to "Troubleshooting" in #1309 |
* Add section "Webhook" in "Troubleshooting" Fixes #1292 * Add backticks to port * Apply suggestions from code review Co-authored-by: Pavan Navarathna <pavan@kasten.io> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Describe the bug
When I try to apply a blueprint, I get this error message
To Reproduce
kubectl apply -f blueprint.yamlExpected behavior
Blueprint should be applied without an error.
Environment
Kubernetes Version/Provider: GKE v1.22.6-gke.300
Helm-Chart: 0.74.0
Kanister operator: Develop version of PR #1282
Though I'm using the develop version of said PR, I can also reproduce this behaviour with released version ghcr.io/kanisterio/controller:0.74.0
The text was updated successfully, but these errors were encountered: