0
votes

I have three Kubernetes clusters in AWS - these all constructed from a script so should be effectively identical. The generated K8 configs allow Kubernetes Dashboard connections and kubectl commands with no issues.

However making a programmatic connection to the cluster doesn't work for one of them and I've no why.

Java code:

            ApiClient client = Config.fromConfig(configFile);
            client.getHttpClient().setReadTimeout(60, TimeUnit.SECONDS);
            Configuration.setDefaultApiClient(client);              

            ExtensionsV1beta1Api extApi = new ExtensionsV1beta1Api();
            ExtensionsV1beta1DeploymentList list = extApi.listNamespacedDeployment("monitoring", false, "false", null, null, null, null, null, 10000,
                    null);
            for (ExtensionsV1beta1Deployment item : list.getItems()) {
                logger.info(region + " " + item.getMetadata().getName() + " " + item.getStatus().getAvailableReplicas());
            }

For the cluster it doesn't work for I get a timeout:

 io.kubernetes.client.ApiException: java.net.SocketTimeoutException: connect timed out
at io.kubernetes.client.ApiClient.execute(ApiClient.java:801)
at io.kubernetes.client.apis.ExtensionsV1beta1Api.listNamespacedDeploymentWithHttpInfo(ExtensionsV1beta1Api.java:4219)
at io.kubernetes.client.apis.ExtensionsV1beta1Api.listNamespacedDeployment(ExtensionsV1beta1Api.java:4196)
Caused by: java.net.SocketTimeoutException: connect timed out
at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)

Client Version: version.Info{Major:"1", Minor:"12", GitVersion:"v1.12.0", GitCommit:"0ed33881dc4355495f623c6f22e7dd0b7632b7c0", GitTreeState:"clean", BuildDate:"2018-09-27T17:05:32Z", GoVersion:"go1.10.4", Compiler:"gc", Platform:"windows/amd64"}

Server Version: version.Info{Major:"1", Minor:"12+", GitVersion:"v1.12.6-eks-d69f1b", GitCommit:"d69f1bf3669bf00b7f4a758e978e0e7a1e3a68f7", GitTreeState:"clean", BuildDate:"2019-02-28T20:26:10Z", GoVersion:"go1.10.8", Compiler:"gc", Platform:"linux/amd64"}

Is there any way to get more information about why the API cannot connect? Thanks

1
Can you access k8s api-server?menya
kubectl works fine so presumably I canGlorianChris
Can you access to the server defined in kubeconfig clusters.server on host your java running on?menya
Yes in as much that I get the same error using curl for all three clusters: "message": "forbidden: User \"system:anonymous\" cannot get path \"/\"",GlorianChris

1 Answers

0
votes

Turns out the issue was with the company firewall and not Kubernetes at all