kubernetes-the-hard-way icon indicating copy to clipboard operation
kubernetes-the-hard-way copied to clipboard

Published 20 hours ago verified publisher icon kelseyhightower

failed to connect from external network to the publi IP address

Open elnemesisdivina opened this issue 4 years ago • 3 comments

Hi there I got this error: image

is also pointed in this issues: https://github.com/kelseyhightower/kubernetes-the-hard-way/issues/262 https://github.com/kelseyhightower/kubernetes-the-hard-way/issues/264

I run all checks on FW rules and also check the response from one of the controllers:

image

check ca.pem certs are the same in any controller and on my local machine, all FW rules at this point of ingress and egress are according to the procedure, also other folks posted check and I run them with same results, refer to them in the links to the closed issues.

any idea on how to deal with this?

thanks!

elnemesisdivina avatar Jan 19 '21 05:01 elnemesisdivina

Hi @elnemesisdivina, I know your issue is old but this Stack Overflow Question helped me get past this issue. I used the first option in the 2nd most voted answer by Yuvika. Use this command instead and see if it works for you too:

curl -k --cacert ca.pem https://${KUBERNETES_PUBLIC_ADDRESS}:6443/version

WhitneyLampkin avatar Feb 25 '22 16:02 WhitneyLampkin

thank you Whitney, will take a look.

On Fri 25 Feb 2022 at 10:42 Whitney Lampkin @.***> wrote:

Hi @elnemesisdivina https://github.com/elnemesisdivina, I know your issue is old but this Stack Overflow Question https://stackoverflow.com/questions/24611640/curl-60-ssl-certificate-problem-unable-to-get-local-issuer-certificate helped me get past this issue. I used the first option in the 2nd most voted answer by Yuvika. Use this command instead and see if it works for you too:

curl -k --cacert ca.pem https://${KUBERNETES_PUBLIC_ADDRESS}:6443/version

— Reply to this email directly, view it on GitHub https://github.com/kelseyhightower/kubernetes-the-hard-way/issues/631#issuecomment-1051013904, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABMFYJRUHM47PQBCSHIKLSDU46WPZANCNFSM4WIIFHHQ . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you were mentioned.Message ID: @.***>

-- +vRay

elnemesisdivina avatar Mar 28 '22 00:03 elnemesisdivina

In my case I had udp:6443 instead of tcp:6443 for the external firewall rule but must certainly be a mistake with the firewall rule.

anilanar avatar Feb 26 '23 20:02 anilanar