-
Notifications
You must be signed in to change notification settings - Fork 451
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use host.docker.internal
in local-garden
#2641
Conversation
@timebertt Thank you for your contribution. |
Thank you @timebertt for your contribution. I will start a build for your PR. Once started, the build URL will be posted here. |
A build of this pull request has started. You can check on its progress here: https://concourse.ci.gardener.cloud/teams/gardener/pipelines/gardener-master/jobs/master-pull-request-job/builds/166 |
A build of this pull request has started. You can check on its progress here: https://concourse.ci.gardener.cloud/teams/gardener/pipelines/gardener-master/jobs/master-pull-request-job/builds/167 |
What about |
Well, good idea. |
It was already advertised by |
73699ac
to
ac584fb
Compare
Nice suggestion. /invite @guydaichs @vpnachev |
host.docker.internal
in local-garden
host.docker.internal
in local-gardenhost.docker.internal
in local-garden
I can confirm that local-garden is working fine for me (on ubuntu 18.04) with and without this change. /lgtm |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When I run make start-apiserver
after I ran make local-garden-up
then I get following error:
$ make start-apiserver
Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes-ca")
Found Nodeless Kubernetes ...
I0803 07:23:46.788772 92804 plugins.go:84] Registered admission plugin "ResourceReferenceManager"
I0803 07:23:46.788858 92804 plugins.go:84] Registered admission plugin "DeletionConfirmation"
I0803 07:23:46.788862 92804 plugins.go:84] Registered admission plugin "ExtensionValidator"
I0803 07:23:46.788865 92804 plugins.go:84] Registered admission plugin "ShootTolerationRestriction"
I0803 07:23:46.788870 92804 plugins.go:84] Registered admission plugin "ShootQuotaValidator"
I0803 07:23:46.788875 92804 plugins.go:84] Registered admission plugin "ShootDNS"
I0803 07:23:46.788879 92804 plugins.go:84] Registered admission plugin "ShootValidator"
I0803 07:23:46.788882 92804 plugins.go:84] Registered admission plugin "ControllerRegistrationResources"
I0803 07:23:46.788885 92804 plugins.go:84] Registered admission plugin "PlantValidator"
I0803 07:23:46.788889 92804 plugins.go:84] Registered admission plugin "OpenIDConnectPreset"
I0803 07:23:46.788893 92804 plugins.go:84] Registered admission plugin "ClusterOpenIDConnectPreset"
I0803 07:23:46.788915 92804 plugins.go:84] Registered admission plugin "ShootStateDeletionValidator"
I0803 07:23:46.788922 92804 plugins.go:84] Registered admission plugin "CustomVerbAuthorizer"
W0803 07:23:47.093386 92804 configmap_cafile_content.go:102] unable to load initial CA bundle for: "client-ca::kube-system::extension-apiserver-authentication::client-ca-file" due to: configmap "extension-apiserver-authentication" not found
W0803 07:23:47.093422 92804 configmap_cafile_content.go:102] unable to load initial CA bundle for: "client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file" due to: configmap "extension-apiserver-authentication" not found
Error: unable to load configmap based request-header-client-ca-file: Get "https://localhost:2443/api/v1/namespaces/kube-system/configmaps/extension-apiserver-authentication": x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes-ca")
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Turns out that I had to update my local ~/.kube.config
file to the new default admin kubeconfig.. thanks for the pointers! With it, it works as expected!
/lgtm
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
works in my WSL2 env as well
Thanks @guydaichs for your feedback! |
Added a release note for |
How to categorize this PR?
/area dev-productivity
/kind enhancement
/priority normal
What this PR does / why we need it:
This PR replaces
docker.for.mac.localhost
byhost.docker.internal
in our scripts for spinning up the local nodeless garden.This way, connection from the docker VM to the host is unified for Mac and Windows users.
It also adds
host.docker.internal
to the local garden API server cert, so you can talk to it from within a docker container without TLS verification errors.Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Release note: