Stack Overflow
Stack Overflow

Questions tagged [gke-networking]

Questions about network issues on Google Kubernetes Engine

Official sites for:

238 questions
31
votes
13 answers

Google Managed SSL Certificate Stuck on FAILED_NOT_VISIBLE

I'm trying to configure an HTTPS/Layer 7 Load Balancer with GKE. I'm following SSL certificates overview and GKE Ingress for HTTP(S) Load Balancing. My config. has worked for some time. I wanted to test Google's managed service. This is how I've…
martins
  • 9,669
  • 11
  • 57
  • 85
16
votes
3 answers

How to check if network policy have been applied to pod?

I'm trying to restrict to my openvpn to allow accessing internal infrastructure and limit it only by 'develop' namespace, so I started with simple policy that denies all egress traffic and see no effect or any feedback from cluster that it was…
animekun
  • 1,789
  • 4
  • 28
  • 45
11
votes
1 answer

Unhealthy nodes for load balancer when using nginx ingress controller on GKE

I have set up the nginx ingress controller following this guide. The ingress works well and I am able to visit the defaultbackend service and my own service as well. But when reviewing the objects created in the Google Cloud Console, in particular…
john2x
  • 22,546
  • 16
  • 57
  • 95
8
votes
1 answer

Understanding --master-ipv4-cidr when provisioning private GKE clusters

I am trying to further understand what exactly is happening when I provision a private cluster in Google's Kubernetes Engine. Google provides this example here of provisioning a private cluster where the control plane services (e.g. Kubernetes API)…
Chris Mutzel
  • 91
  • 1
  • 2
7
votes
2 answers

Global load balancer (HTTPS Loadbalancer) in front of GKE Nginx Ingress Controller

I have a GKE cluster which uses Nginx Ingress Controller as its ingress engine. Currently, when I setup the Nginx Ingress Controller I define a service kind: LoadBalancer and point it to an external static IP previously reserved on GCP. The problem…
Mauricio
  • 2,552
  • 2
  • 29
  • 43
7
votes
2 answers

How enable google managed certificate on Google Kubernetes?

I'm new to GKE now am trying to creating a new cluster for RASA. I'm trying to create an ingress with HTTPS to point to a loadbalancer in this cluster. But I'm unable to select the option Create Google-managed certificate from the list. It seems to…
PRAJIN PRAKASH
  • 1,366
  • 1
  • 15
  • 31
6
votes
2 answers

GKE Autopilot Ingress returns 502 error for 5-15 minutes after deploying

I set up a (very) simple deployment with GKE on a GKE Autopilot cluster running the latest version of Kubernetes (1.18.15-gke.1501) and attached an ingress (external HTTP(s) load balancer) that links to a simple ClusterIP service. Whenever I update…
samwight
  • 129
  • 2
  • 8
6
votes
1 answer

GKE ingress Https Redirect - FrontendConfig not recognized

I have an GKE ingress with both Http and Https. I want to redirect the traffic from port 80 to port 443. I found this: https://github.com/kubernetes/ingress-gce/issues/1075 which let to…
Niels Uitterdijk
  • 713
  • 9
  • 27
6
votes
2 answers

In GKE, can we specify the zone or region of a persistent volume when we create it through a PVC object

I want my persistent volume to reside in a specific zone, say us-central1-a, but I want to deploy it through a PVC, not by creating an object of PV directly. Is this possible in GKE?
Ruchidnya Kadam
  • 63
  • 4
6
votes
1 answer

Google Cloud TCP external load balancer and TLS not self signed

Is it possible to directly expose a server behind a L4 load balancer, with a public certificate? This server is inside a Kubernetes pod. There is a TCP loadbalancer service in front of it which creates the external L4 LB. My problem is that the TLS…
unludo
  • 4,912
  • 7
  • 47
  • 71
6
votes
1 answer

VPN access to in-house network not working after GKE cluster upgrade to 1.14.6

We upgraded our existing development cluster from 1.13.6-gke.13 to 1.14.6-gke.13 and our pods can no longer reach our in-house network over our Google Cloud VPN. Our production cluster (still on 1.13) shares the same VPC network and VPN tunnels and…
jlar310
  • 527
  • 4
  • 14
5
votes
5 answers

"unable to retrieve the complete list of server APIs: tap.linkerd.io/v1alpha1" error using Linkerd on private cluster in GKE

Why does the following error occur when I install Linkerd 2.x on a private cluster in GKE? Error: could not get apiVersions from Kubernetes: unable to retrieve the complete list of server APIs: tap.linkerd.io/v1alpha1: the server is currently unable…
cpretzer
  • 236
  • 2
  • 6
4
votes
1 answer

Are GCP tags a new kind of network_tag or something else entirely?

GCP network tags can be applied to VMs (and maybe GKE node_pools). Then firewall rules can target those resources. They have just a name, not a value. tags, on the other hand, are more like labels, in that they have key names and values.…
intotecho
  • 4,925
  • 3
  • 39
  • 54
4
votes
1 answer

Mongodb Atlas Google Cloud peering fails with an ip range in the local network overlaps with an ip range in an active peer

I have a GCP Project "A" where I had previously added VPC peering with MongoDB Atlas: This way my development GKE cluster (whose VPC range is 10.7.0.0/16) will support peering when accessing MongoDB. So far everything works as expected. Now I've…
codependent
  • 23,193
  • 31
  • 166
  • 308
4
votes
1 answer

Has anyone identified a good solution for iPv6 in GKE, Google Game Servers, or Agones?

I am currently hosting a game service with Google Game Servers (https://cloud.google.com/game-servers). This is basically running Agones in GKE. This works great for the most part except when it comes to iPv6. I am struggling to find any suggestions…
Ryan
  • 41
  • 3
1
2 3
15 16