search
Ctrlk

Set proxy config for PMK Clusters

hashtag
Problem

kubectl logs results in Error forbidden when PMK cluster is created using Proxy.

hashtag
Environment

  • Issue resolved in Platform9 Managed Kubernetes 5.9

hashtag
Resolution

Note : This solution will only work for Platform9 Managed Kubernetes 5.9 and above

hashtag
Way to avoid landing into the proxy issues:

  • Onboard node to DU

  • Run pf9ctl set-proxy command on the node

pf9ctl set-proxy --protocol http --host-ip 10.149.107.44 --port 3128 --no-proxy 10.149.106.249,10.149.106.198

In above command --no-proxy takes ip addresses of worker nodes.

  • Now create cluster, you will not see forbidden error for kubectl logs command.

hashtag
Way to resolve this on existing cluster which is already behind proxy:

  • SSH to master node

  • Run pf9ctl set-proxy command like above and pass IPs or subnet of worker nodes to --no-proxy flag

  • Stop pf9-hostagent and pf9-nodeletd services

systemctl stop pf9-hostagent.service pf9-nodeletd.service

  • Restart Prepare configuration phase

/opt/pf9/nodelet/nodeletd phases restart --single -p 2

It will restart prepare configuration phase and it will append worker ips to no_proxy var in master.yaml

Note : It will restart kube-apiserver , kube-scheduler and kube-controller-manager

  • Start pf9-hostagent and pf9-nodeletd services

systemctl start pf9-hostagent.service pf9-nodeletd.service

  • Verify kubectl logs command. you will not see forbidden error for kubectl logs command.

PreviousKubernetes Dashboard Pod Not RunningNextRevert a PV Stuck in a Deleting State

Last updated