vcluster icon indicating copy to clipboard operation
vcluster copied to clipboard

Published 20 hours ago verified publisher icon loft-sh

Port forward does not work in vclusters

Open wizpresso-steve-cy-fan opened this issue 1 year ago • 4 comments

What happened?

I cannot do port forwarding in vcluster, if the kubeconfig is created via NodePort or proxied by Ingress. LoadBalancer and port-forward to local port and works fine.

What did you expect to happen?

I can open a port to the service/pod

How can we reproduce it (as minimally and precisely as possible)?

  1. Create a new vcluster
  2. Create a new NodePort that expose the vcluster k8s service
  3. Create a pod under the vcluster (nginx is a good example)
  4. Expose the port via kubectl port-forward under the vcluster

Anything else we need to know?

Given 31503 is the node port exposed for the vcluster k8s service, it shows something like this:

(base) PS C:\Users\SteveFan> kubectl port-forward nginx-deployment-86dcfdf4c6-2qcsj 8080:80
error: error upgrading connection: unable to upgrade connection: error dialing backend: dial tcp 172.30.0.13:31503: connectex: A connection attempt failed because the connected party did not properly respond after a period of
time, or established connection failed because connected host has failed to respond.

Host cluster Kubernetes version

Should be irrelevant

Host cluster Kubernetes distribution

k0s v1.28.2+k0s

vlcuster version

Should be irrevelant

Vcluster Kubernetes distribution(k3s(default)), k8s, k0s)

k3s

OS and Arch

Client OS: Windows
Arch: x86_64

wizpresso-steve-cy-fan avatar Mar 12 '24 09:03 wizpresso-steve-cy-fan

Hi, the vcluster version is very relevant as it proxies these requests. Please share :)

Also, which Ingress were you trying?

rohantmp avatar Mar 13 '24 06:03 rohantmp

Working for me, will need details about the load balancer and your setup to continue investigating

rohantmp avatar Mar 14 '24 11:03 rohantmp

Hi, the vcluster version is very relevant as it proxies these requests. Please share :)

Also, which Ingress were you trying?

okay the vcluster image version is 0.19.4. I used the cloudflare ingress controller and used cluster account authentication, it worked so well until i want to get a port forward or terminal connection.

NodePort seemingly worked, I just happened so that I got the wrong targetPort. But ingress seems still not working.

wizpresso-steve-cy-fan avatar Mar 15 '24 07:03 wizpresso-steve-cy-fan

This is likely an issue with the ingress controller's configuration. Please ensure that your ingress controller supports upgrade connections and is configured for tls passthrough

rohantmp avatar Apr 04 '24 07:04 rohantmp