azure_arc icon indicating copy to clipboard operation
azure_arc copied to clipboard

Published 20 hours ago verified publisher icon microsoft

cannot connect to cluster in arc via azure cloud shell and az connectedk8s

Open jwaltireland opened this issue 2 years ago • 2 comments

https://docs.microsoft.com/en-us/azure/azure-arc/kubernetes/cluster-connect?tabs=azure-cli#service-account-token-authentication-option

from the above link:

I cannot connect to azure arc enabled eks cluster.

here is my cloud shell logs:

john@Azure:~/.kube$ az connectedk8s proxy -n Arc-EKS-Demo -g Arc-EKS-Demo --token eyJhbGciOiJSUzI1NiIsImtpZCI6Ilp4Wmp2TUpXczVnN0k2TWc1ZXFMRW0yZHViN3dtNjhaaFdadWRMSWxnalkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlbW8tdXNlci1zZWNyZXQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVtby11c2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiYzg5NGY1MTYtMDRjNS00MzY2LTk5ZjYtNGFiMjcwNTYyYmRjIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OmRlZmF1bHQ6ZGVtby11c2VyIn0.nj-L4-HfheIB_BIptr_kIsRorv_PPy1cGdnmn_eLvFRpAhQuVxMVh66gCxrEISkLNg3Vjh2LkFpBTZwUuMA9U0PcrKoYdcMqi1FntxQFG6sepO2QA2mx5Tuo8WjPHGxP8XKgq-CCI0dlDpQte00gTIy9wkp3O6YypOBgsxlgc7EcQqE6FoJe9KSTqrvN5CzSpI7_RgP29r9h92PqYgj7-srTYy1A0u3trPhQRqUdSTRyJHRk19gFQ8os7byj4QX1hB6h_vNXjU7V5-330liY8933RCSNfRUsGfiOMB975LFZ4DhlXRYcEAZZ1F9iwUxsCWXJntObmp_XVlfs11_13g Proxy is listening on port 47011 Merged "Arc-EKS-Demo" as current context in /home/john/.kube/config Start sending kubectl requests on 'Arc-EKS-Demo' context using kubeconfig at /home/john/.kube/config Press Ctrl+C to close proxy.

when I type in kubectl cmds nothing happens. When I press Ctrl+Delete, then run kubectl commands, I get:

The connection to the server 127.0.0.1:47011 was refused - did you specify the right host or port?

I've created an azure service principal, and tried using the command after logging in as the sp. I've also created service account token. both produce the same result.

NOTE that the service account token DOES work in the portal to view the arc enabled information.

jwaltireland avatar Aug 03 '22 14:08 jwaltireland

Hey friend! Thanks for opening this issue. We appreciate your contribution and welcome you to our community! We are glad to have you here and to have your input on the Azure Arc Jumpstart.

github-actions[bot] avatar Aug 03 '22 14:08 github-actions[bot]

@jwaltireland this does not look like the Jumpstart scenario since we do not have proxy implementation in it.

likamrat avatar Aug 03 '22 19:08 likamrat

@jwaltireland : I quickly tested this scenario and was able to run the kubectl commands by opening parallel Azure Cloud Shell.

image

zaidmohd avatar Aug 18 '22 02:08 zaidmohd

@jwaltireland : I quickly tested this scenario and was able to run the kubectl commands by opening parallel Azure Cloud Shell.

image

Ah. so you have to leave the connectedkk8s proxy command open.

Thanks for the update

jwaltireland avatar Aug 18 '22 10:08 jwaltireland