-
Notifications
You must be signed in to change notification settings - Fork 61
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resources can't sync except when proxied #54
Comments
this usually indicates some sort of connectivity problem between coredns and the API server. See similar issue #38 |
#38 was my first guess as to the cause of the issue but I can confirm that the kubeconfig works. Here's a test from another host where kubectl is installed:
I also ran a packet capture and I can see that there are no silent drops/resets, and that there is bidirectional application data. Unfortunately as far as I know I cannot decrypt the TLS session after it's been captured even with the private key here due to the kube API using elliptic curve encryption. And when I tried proxying the traffic to see the requests being made, the problem went away... See here for a packet capture from tcpdump: k8s_gateway cap.zip. Is there any additional logging that I can turn on? |
you can also check the logs on the API server to see if there's anything obvious there. |
Have a really oddball problem. Running coredns outside of a k3s cluster, with k8s_gateway and it's kubeconfig pointing at the k3s cluster. Here's my config:
Corefile:
k8s_gateway config:
kubeconfig (secrets redacted):
With the config above, k8s_gateway fails to sync with the controller, logging
[ERROR] plugin/errors: 2 traefik.echozulu.games. A: plugin/k8s_gateway: Could not sync required resources
. Full log:The really weird part is that when I setup a HTTPS proxy like mitmproxy on another computer, and uncomment the
proxy
line in the kubeconfig, everything works as expected:What am I doing wrong here?
The text was updated successfully, but these errors were encountered: