Hello, I'm trying to get garden working using the

kubernetes

provider. Garden version 0.13.12. I have the

local-kubernetes

working just fine but am having trouble getting it set up for remote. I am using this document as my general guide https://docs.garden.io/kubernetes-plugins/remote-k8s/configure-provider. I setup a cluster in Azure AKS and can connect to it using

kubectl

(e.g.

kubectl get nodes

). I deployed contour, cert-manager, letsencrypt and certificate using helm/kubectl such that I have a valid certificate. My DNS points to the cluster (if I install a service using helm I can connect to it at my URL). I have a container registry created in azure and created a imagePullSecret and put it in the cluster using

kubectl create secret docker-registry

My

project.garden.yaml

looks like: Edit - config removed for length. The issue is when I run

garden deploy --env remote

I get the following message:

ℹ garden               → Running in Garden environment remote.default
ℹ providers            → Getting status...
✖ providers            → Failed processing resolve provider kubernetes (took 1.4 sec). Here is the output:

──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Error: Client network socket disconnected before secure TLS connection was established
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────


Failed resolving one or more providers:
- kubernetes

See .garden/error.log for detailed error message

There does not appear to be any additional information in the logs. I've tried running with the

--logs

flag which appears to run it in an interactive mode, but I am not sure what to do from there. I am not sure where to go from here. Any help would be appreciated. Thanks, Matt

Hi @orange-analyst-19175 can you run

garden

with

-l5

and put the output in a Gist?

Hi @quaint-dress-831. Thanks for responding. The output of

garden deploy --env remote -l5

is here: https://gist.github.com/mgdenno/3abd151a78babe439985b96e6c54a29d

Great, thank you. Can you also put your

project.garden.yml

somewhere accessible?

Here is my

project.garden.yaml

https://gist.github.com/mgdenno/b8b64b63fb2a0c6a336729f015a7b0ef

Looks good to me

When i try to go to https://yuba-rtim-k8s-2mm9efpj.hcp.eastus2.azmk8s.io:443/apis/networking.k8s.io/v1 in a browser I get a not secure warning. Maybe I have something with my cluster not configured correctly?

Can you move your kubeconfig to a temporary backup location such as

~/bak

then go through the steps in https://docs.garden.io/kubernetes-plugins/remote-k8s/create-cluster/azure

Sounds good. I will try it and let you know.

Well, here's my Scaleway Kubernetes cluster endpoint: https://c50d7b47-1d34-40b5-b7c8-1709a6839609.api.k8s.nl-ams.scw.cloud:6443/ I don't think cloud providers are putting certs on these in general, no

Ah, ok thanks. I won't chase after that thought then.

@orange-analyst-19175 Garden is already set to allow self-signed certs so that shouldn't be an issue. And we don't enforce certificates on hostnames by default https://docs.garden.io/reference/providers/kubernetes#providers-.forcessl

@quaint-dress-831 Thanks for the info. Man, this has really got me stumped. So, I do most of my development in a Linux VM (VirtualBox) on a Windows host. Garden seems to work fine from the Windows host, and it seems to work fine on my personal Linux machine but not in the Linux VM. It is a bit odd that I seem to be able to connect to the cluster API server using

curl

, but garden seems to die doing it, if I'm reading the logs correctly. Is there a way to see exactly what the request garden is sending is, including the headers, so I can try that in curl? Or do you know what headers are required? Is it just auth?

@orange-analyst-19175 have you tested if it's accessible using WSL2?