K
Q

GCP: kubectl exec/logs fails to container on using UBUNTU as OS

5/2/2018

I created a 2 node cluster with OS as UBUNTU. After deploying a container, trying a kubectl exec or logs fail with following error :-

Error from server: error dialing backend: No SSH tunnels currently open. Were the targets able to accept an ssh-key for user <username>

Please tell how to make it work. Nodes are part of default pool only. Steps to reproduce:-

gcloud container clusters create "gke-test-cluster" --image-type=UBUNTU --machine-type=n1-standard-2  --zone us-east1-c --num-nodes 2 --cluster-version=1.8    
kubectl create -f https://k8s.io/docs/tasks/debug-application-cluster/shell-demo.yaml              
kubectl get pod shell-demo          

kubectl exec -it shell-demo -- /bin/bash  
Error from server: error dialing backend: No SSH tunnels currently open. Were the targets able to accept an ssh-key for user "gke-0c"?  

kubectl logs shell-demo  
Error from server: Get https://10.142.0.5:10250/containerLogs/default/shell-demo/nginx: No SSH tunnels currently open. Were the targets able to accept an ssh-key for user "gke-0c"?

I am using my laptop for all CLI commands. This issue has already been raised at:- https://issuetracker.google.com/issues/77986235
https://serverfault.com/questions/907468/gcp-kubectl-exec-logs-fails-to-container-on-using-ubuntu-as-os/907882?noredirect=1#comment1177112_907882

-- kronjob
google-cloud-platform
google-kubernetes-engine

Similar Questions

Pod ready before container finishes starting jetty server
Get Deployment annotation from a Kubernetes Pod
How to troubleshoot thread starvation in ASP.NET Core on Linux (Kubernetes)?
RabbitMQ nodes not able to discover each other and join cluster
SSH key scan for host https://gitlab.host.com failed, error: dial tcp: lookup tcp///gitlab.host.com: getaddrinfow: The specified class was not foun
Multiple kubernetes pods with Azure Eventhubs subscription redundancy
Error: unknown command &quot;kubernetes&quot; for &quot;doctl&quot;

2 Answers

5/2/2018

I reproduced your issue, with your exact commands and it worked just fine. This has to be an issue due to something else (like the firewall, as in the issue tracker is suggested).

Actually, check to confirm you have these three firewall rules:

gke-gke-test-cluster-07424324-all ...    
gke-gke-test-cluster-07424324-ssh ...  
gke-gke-test-cluster-07424324-vms ...

About cloud shell and your laptop, there is no much difference, if you are correctly authenticated with Cloud SDK. So to say "This issue is also reproducible from gcp cloud-shell" doesn't really make sense.

If you do have the firewall rules, and don't have much done in the project, I would recommend you to create a new project and start over there.

-- suren
Source: StackOverflow
6/8/2018

It was some issue with size of project metadata. We cleaned it up and it worked.

-- kronjob
Source: StackOverflow