CODEWITHSUNDEEP
kubernetesmicroservicesapi-gatewayconsulkubernetes-nodeport
Alexander Tu
Alexander Tu

Reputation: 1

Deploy consul on kubernetes hashicup guide unreachable api gateway

I am following this tutorial Enable external traffic ingress into Consul service mesh. I am following the self-managed local deployment guide. I am using helm, kind and kubectl, like the guide suggests.

I am unable to access localhost:8443 like in the guide says it can. I have checked multiple times if I misconfigured something, unless I am incredibly blind I do not know what is wrong.

The whole guide starts from Deploy Consul on Kubernetes and it has a GitHub repository.

For some additional context, here are some debug findings.

kubectl logs <api-gateway> -n consul

2024-12-20T08:33:55.843Z+00:00 [warning] envoy.misc(19) Deprecated field: type envoy.config.cluster.v3.Cluster Using deprecated option 'envoy.config.cluster.v3.Cluster.http2_protocol_options' from file cluster.proto. This configuration will be removed from Envoy soon. Please see https://www.envoyproxy.io/docs/envoy/latest/version_history/version_history for details. If continued use of this field is absolutely necessary, see https://www.envoyproxy.io/docs/envoy/latest/configuration/operations/runtime#using-runtime-overrides-for-deprecated-features for how to apply a temporary and highly discouraged override.

2024-12-20T08:33:56.459Z+00:00 [warning] envoy.misc(19) internal_address_config is not configured. The existing default behaviour will trust RFC1918 IP addresses, but this will be changed in next release. Please explictily config internal address config as the migration step or config the envoy.reloadable_features.explicit_internal_address_config to true to untrust all ips by default

2024-12-20T08:33:56.639Z+00:00 [warning] envoy.main(19) There is no configured limit to the number of allowed active downstream connections. Configure a limit in `envoy.resource_monitors.global_downstream_max_connections` resource monitor.

kubectl describe gateway api-gateway -n consul

Name:         api-gateway
Namespace:    consul
Labels:       <none>
Annotations:  consul.hashicorp.com/gateway-class-config:
                {"serviceType":"NodePort","deployment":{"defaultInstances":1,"maxInstances":1,"minInstances":1,"resources":{"limits":{"cpu":"100m","memory...
API Version:  gateway.networking.k8s.io/v1beta1
Kind:         Gateway
Metadata:
  Creation Timestamp:  2024-12-20T08:33:52Z
  Finalizers:
    gateway-finalizer.consul.hashicorp.com
  Generation:        1
  Resource Version:  1634
  UID:               33ea0e6a-218e-4d4e-9397-32e9e856e948
Spec:
  Gateway Class Name:  consul
  Listeners:
    Allowed Routes:
      Namespaces:
        From:  Same
    Name:      https
    Port:      8443
    Protocol:  HTTPS
    Tls:
      Certificate Refs:
        Group:
        Kind:   Secret
        Name:   consul-server-cert
      Mode:     Terminate
Status:
  Addresses:
    Type:   IPAddress
    Value:  172.18.0.2
  Conditions:
    Last Transition Time:  2024-12-20T08:33:52Z
    Message:               gateway accepted
    Observed Generation:   1
    Reason:                Accepted
    Status:                True
    Type:                  Accepted
    Last Transition Time:  2024-12-20T08:33:53Z
    Message:               gateway programmed
    Observed Generation:   1
    Reason:                Programmed
    Status:                True
    Type:                  Programmed
    Last Transition Time:  2024-12-20T08:33:52Z
    Message:               gateway synced to Consul
    Observed Generation:   1
    Reason:                Synced
    Status:                True
    Type:                  Synced
    Last Transition Time:  2024-12-20T08:33:53Z
    Message:               gateway is valid
    Observed Generation:   1
    Reason:                Accepted
    Status:                True
    Type:                  ConsulAccepted
  Listeners:
    Attached Routes:  1
    Conditions:
      Last Transition Time:  2024-12-20T08:34:22Z
      Message:               listener accepted
      Observed Generation:   1
      Reason:                Accepted
      Status:                True
      Type:                  Accepted
      Last Transition Time:  2024-12-20T08:34:22Z
      Message:               listener programmed
      Observed Generation:   1
      Reason:                Programmed
      Status:                True
      Type:                  Programmed
      Last Transition Time:  2024-12-20T08:34:22Z
      Message:               listener has no conflicts
      Observed Generation:   1
      Reason:                NoConflicts
      Status:                False
      Type:                  Conflicted
      Last Transition Time:  2024-12-20T08:34:22Z
      Message:               resolved references
      Observed Generation:   1
      Reason:                ResolvedRefs
      Status:                True
      Type:                  ResolvedRefs
    Name:                    https
    Supported Kinds:
      Group:  gateway.networking.k8s.io
      Kind:   HTTPRoute
Events:       <none>

I followed the guide and failed. I expected to be able to access localhost:8443 but I was not able to.

Upvotes: 0

Views: 44

Answers (0)

Related Questions