Technical assistance | C2C Community

Technical assistance


Userlevel 3
Badge

I need a technical assistance with a GCP resource, i’m not sure if this is the right place to ask.

 

Thanks

yuval 6 months ago

Hello @Livingstone . I think it is connected to the control plane global access:

https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters

View original

14 replies

Userlevel 7
Badge +28

Hi @Livingstone,

it depends on what you need. Why don’t you write directly what sort of assistance you need? 🙂

Userlevel 3
Badge

Thank you @Dimitris Petrakis.

 

  1. I have two issues.

    I have two subnets in west2 and west4 with GKE deployed in each region, I have a bastion deployed in west2. on each GKE I have allows the bastion subnets to the list of the allowed networks, on the routers, i have address custom ip to be visible to the routers, but still I can't reach the kubernetes control plane in west4 from the bastion (timeout error), but I can reach the GKE in west2, I have checked the routes and I can see the routes to the subnets is defined, I can't figure out why it is timing out. see the attached diagram for my networking.
     

     

  2.  I deployed a multicluster ingress, everything works fine except that GCP is not considering the specifications in the backend config file.

    Above is the config file, but in the GCP console, the path is defined as /, which makes the application fail a health check.

     

    Thank you for your time.

Userlevel 7
Badge +28

Thank you @Livingstone ! Hang on as I’ve forwarded this and try to get someone to assist. 

Let me also tag @yuval. Yuval, would you be able to help? Thanks! :)

 

Userlevel 3
Badge

Thank you so much @Dimitris Petrakis 

Userlevel 7
Badge +28

Tagging also @Kartik, @Mali, @urbanenomad, @JoelGoodman if you can help 😎

Userlevel 4
Badge +3

Hello @Livingstone . I think it is connected to the control plane global access:

https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters

Userlevel 3
Badge

thank you @yuval , I would read through and see if I can find anything to solve the problem

Userlevel 3
Badge

Awesome!, Thank you @yuval  I found the global access option in the doc you, I enabled it on the cluster and it worked.

 

Thank you @Dimitris Petrakis 😎 for tagging @yuval, it was really helpful.

 

one down, one to go 😎

Userlevel 7
Badge +28

Thank you for your great help, as always, @yuval 😎

Glad you solved a first part of your problem, @Livingstone 🙂

 

In the meantime, please feel free to introduce yourself in the C2C Lounge using this template. It would be great for our members to get to know you a bit better! 😉

Userlevel 4
Badge +3

@Livingstone thank you for updating that this fixed the issue.

If you are not working with a partner with Google, please check out doit.com. We provide support like this at no cost...

Badge

For your 2nd issue I assume there is no endpoint in your app at the root URI “/” that returns a 200 response code?  Not sure if you can update your app to provide that 200 response from your root URI or you can manually modify your health check to point to the URI “/v1/sys/health” in the healthcheck.

But I assume  your goal is for the healthcheck to respect the BackendConfig CRD that you listed when you apply to your namespace.

I also assume you put in the Service annotations “cloud.google.com/backend-config”

Userlevel 3
Badge

Ok I made the introduction, I will go ahead and visit doit.com

Userlevel 3
Badge

For your 2nd issue I assume there is no endpoint in your app at the root URI “/” that returns a 200 response code?  Not sure if you can update your app to provide that 200 response from your root URI or you can manually modify your health check to point to the URI “/v1/sys/health” in the healthcheck.

But I assume  your goal is for the healthcheck to respect the BackendConfig CRD that you listed when you apply to your namespace.

I also assume you put in the Service annotations “cloud.google.com/backend-config”

Hi @urbanenomad , yes the goal is that the BackendConfig CRD respect the health check defined, and I have also modified my application to listen on. that port.

yes, i added the service annotations to multi cluster service, but that was not respected either

Userlevel 7
Badge +28

Thanks for checking out, @urbanenomad 😎

Reply