orange-analyst-1917508/21/2023, 11:18 PM
provider. Garden version 0.13.12. I have the
working just fine but am having trouble getting it set up for remote. I am using this document as my general guide https://docs.garden.io/kubernetes-plugins/remote-k8s/configure-provider. I setup a cluster in Azure AKS and can connect to it using
). I deployed contour, cert-manager, letsencrypt and certificate using helm/kubectl such that I have a valid certificate. My DNS points to the cluster (if I install a service using helm I can connect to it at my URL). I have a container registry created in azure and created a imagePullSecret and put it in the cluster using
kubectl get nodes
kubectl create secret docker-registry
looks like: Edit - config removed for length. The issue is when I run
I get the following message:
garden deploy --env remote
There does not appear to be any additional information in the logs. I've tried running with the
ℹ garden → Running in Garden environment remote.default ℹ providers → Getting status... ✖ providers → Failed processing resolve provider kubernetes (took 1.4 sec). Here is the output: ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── Error: Client network socket disconnected before secure TLS connection was established ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── Failed resolving one or more providers: - kubernetes See .garden/error.log for detailed error message
flag which appears to run it in an interactive mode, but I am not sure what to do from there. I am not sure where to go from here. Any help would be appreciated. Thanks, Matt
quaint-dress-83108/22/2023, 9:30 AM
and put the output in a Gist?
orange-analyst-1917508/22/2023, 11:46 AM
quaint-dress-83108/22/2023, 12:08 PM
and indicates a network issue. I'd ask you if you've double-checked
is using the correct context but based on the line
it looks like it is.
ℹ providers [silly] → GET https://yuba-rtim-k8s-2mm9efpj.hcp.eastus2.azmk8s.io:443/apis/networking.k8s.io/v1
kubectl get nodes
orange-analyst-1917508/22/2023, 12:21 PM
quaint-dress-83108/22/2023, 12:23 PM
orange-analyst-1917508/22/2023, 12:25 PM
quaint-dress-83108/22/2023, 1:31 PM
orange-analyst-1917508/22/2023, 2:06 PM
quaint-dress-83108/22/2023, 4:30 PM
orange-analyst-1917508/22/2023, 4:33 PM
I get a message about an SSL certificate problem. If I run
I see the certificates. And if I run
openssl s_client -connect yuba-rtim-k8s-2mm9efpj.hcp.eastus2.azmk8s.io:443 -showcerts
it seems to go through (unauthorized because no credentials are passed I guess). Is there a way in garden to do something equivalent to the
curl -k https://yuba-rtim-k8s-2mm9efpj.hcp.eastus2.azmk8s.io/apis/networking.k8s.io/v1
Or is it already set to allow self-signed certs. I think I still do not exactly understand what is happening.
quaint-dress-83108/23/2023, 8:27 AM
orange-analyst-1917508/23/2023, 12:02 PM
, but garden seems to die doing it, if I'm reading the logs correctly. Is there a way to see exactly what the request garden is sending is, including the headers, so I can try that in curl? Or do you know what headers are required? Is it just auth?
can handle, but that whatever library garden uses can't.
quaint-dress-83108/24/2023, 12:51 PM