-
Notifications
You must be signed in to change notification settings - Fork 97
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] Controller giving "context deadline exceeded" #127
Comments
@jpohjolainen You sure outgoing requests works as expected in your cluster? The errors basically say they timeout when talking to AKV... Though they seam to be eventually consistent... |
@torresdal atleast I can launch ubuntu image in the cluster and connect outside from it. dns and everything works there. |
@jpohjolainen only time we've seen issues like this in azure, is when you use the basic loadbalancer. Using the Standard SKU for loadbalancer fixed a lot of outgoing request issues we had... Default timeout for accessing AKV is 30 seconds... We could make this configurable, but thinking 30 sec is a lot... |
@torresdal LB SKU is Standard Our test deployment also works. For it we use cert-manager to get certs, and it worked same as usually. And the app is accessible through the LB. |
But to answer you question directly: I doubt this is a bug. We have not seen this in any of our clusters running latest stable version of akv2k8s and no one else has reported this. Most likely reason is something in you cluster/azure... But feel free to keep this issue open and report any findings. We're happy to help if you find anything pointing to an issue with akv2k8s. |
This was my own silly thing. I forgot to change the name of the key vault in the azurekeyvaultsecret resource 🤦 Sometimes one can be so blind to own changes. Sorry about this. |
@jpohjolainen No problem 👍 |
If someone faces the issue while secret and vault names are correct - check that you have |
I can confirm the comment by @skayred and it helped me to find an elegant solution. I use the PostgREST container image to expose a PostgreSQL REST API and that container is based on a Here an excerpt of my deployment YAML:
It works like a charm. |
Thank you @paulissoft You saved me a headache, I was using mysql:5.7 exact same issue, resolved by bootstrapping kalaksi/ca-certificates into the pod w/initcontainers. |
Describe the bug
Last week all worked well with controller and injector. But this week I created new cluster, and I'm having trouble with the controller (quick test on Injector gave the same error). It get's "context deadline exceeded" errors and doesn't sync.
To Reproduce
Install controller 1.1.0 to AKS
Expected behavior
It gets secrets synced from AKV
Logs
Additional context
I tried this on 1.16.13 and 1.17.9 AKS clusters. We use Terraform to create it, so this has been created same way last week also.
I don't remember seeing the W0929 last week, and I'm wondering has Azure changed something?
The text was updated successfully, but these errors were encountered: