skupperproject
Communication is not possible when exposing sts in a namespace other than the namespace where skupper is installed.
Describe the bug Headless services that are not in the namespace where skupper is deployed do not seem to communicate.
How To Reproduce skupper is installed in the "default" namespace on both clusters 1 and 2.
I exposed mysql sts in "my" namespace in cluster1
###(cluster1)
skupper expose statefulset mycluster --headless --port 3306 --targetnamespace my
So, skupper service was created in the default namespace in both cluster1 and cluster2.
And I tried to access cluster1 mysql through skupper headless service in mysqlsh pod on cluster2, but it failed.
MySQL SQL > \connect [email protected]
Creating a session to '[email protected]'
Please provide the password for '[email protected]': ****
MySQL Error 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 0
Expected behavior It works normally when used with sts deployed in the default namespace where skupper is deployed. Like this, it seems that headless service communication should be possible even in namespaces where skupper is not deployed.
Environment details
- Skupper 1.7.0
- kubernetes v1.27.5
When you ran skupper init, did you supply the --enable-cluster-permissions option?
$ skupper-1.7.0 init --help | grep cluster-permissions
--enable-cluster-permissions Enable cluster wide permissions in order to expose deployments/statefulsets in other namespaces
When you ran
skupper init, did you supply the--enable-cluster-permissionsoption?$ skupper-1.7.0 init --help | grep cluster-permissions --enable-cluster-permissions Enable cluster wide permissions in order to expose deployments/statefulsets in other namespaces
sure I use this script (cluster1) skupper init --enable-console --enable-flow-collector --enable-cluster-permissions (cluster2) skupper init --enable-cluster-permissions
FYI For me it worked as soon I passed correct targetname service.namespace for skupper expose service.