Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Private cluster timeout #116

Closed
ocervell opened this issue Mar 25, 2019 · 3 comments
Closed

Private cluster timeout #116

ocervell opened this issue Mar 25, 2019 · 3 comments

Comments

@ocervell
Copy link
Contributor

ocervell commented Mar 25, 2019
edited

Private cluster fails with a timeout when posting the config map (when network_policy is set to true:

1 error(s) occurred:

* module.gke.kubernetes_config_map.ip-masq-agent: 1 error(s) occurred:

* kubernetes_config_map.ip-masq-agent: Post https://192.168.134.2/api/v1/namespaces/kube-system/configmaps: dial tcp 192.168.134.2:443: i/o timeout

I think this might be linked to the missing feature for VPC Transitive peering that prevents an on-prem network from reaching the GKE master when it's private.
@ocervell ocervell changed the title Private cluster error Private cluster timeout Mar 25, 2019
@thefirstofthe300
Copy link
Contributor

@ocervell Are you attempting to talk to the master from a network other than the VPC to which the GKE cluster is attached?

@ocervell
Copy link
Contributor Author

Yeah, running this from my local. Which confirms it fails because the VPC Transitive peering feature is not GA yet.

Let's add a warning in the docs that the Terraform for this should run in the same VPC where the cluster is created, and will fail from a peered VPC or from an on-prem network connected through VPN ?

@morgante morgante mentioned this issue Mar 27, 2019
Merged
@morgante
Copy link
Contributor

Note added in #121

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@morgante @thefirstofthe300 @ocervell