Unable to connect to Deck via tunneling

8/12/2018

I installed the Halyard docker image on an Ubuntu 14.04 VM, created a Kubernetes Cluster in Azure AKS and deployed Spinnaker to it using hal deploy apply.

Everything looks good and I can see the pods running via Kubernetes dashboard (by tunneling in the VM.) az aks browse --resource-group SPIN --name AKS

However, I am unable to connect to the spinnaker UI at http://localhost:9000 via tunneling. This is what I did.

  1. In my Ubuntu VM, started the Halyard container.

    sudo docker run -p 8084:8084 -p 9000:9000 --name halyard --rm -v \
    ~/.hal:/home/spinnaker/.hal -v ~/.kube:/home/spinnaker/.kube -d  \
    gcr.io/spinnaker-marketplace/halyard:stable
  2. Connected to the container.

    jaise@halyard:~$ sudo docker exec -it halyard bash
  3. Configured Spinnaker and deployed to AKS hal deploy apply

  4. Ran hal deploy connect- which seems to verify everything and start a tunnel

    spinnaker@6e1e72124794:/workdir$ hal deploy connect
    + Get current deployment
      Success
    + Connect to Spinnaker deployment.
      Success
    Forwarding from 127.0.0.1:9000 -> 9000
    Forwarding from 127.0.0.1:8084 -> 8084
  5. I opened my browser in VM and hit http://localhost:9000 but nothing comes. The message displayed is " The connection was reset"

  6. I Repeated the same steps from the putty session on my local workstation and received a similar error.

Local Computer, Windows 8, Chrome

Any hint on where to look and what could be the issue?

-- Jak
azure-kubernetes
spinnaker
spinnaker-halyard
ssh-tunnel

1 Answer

8/15/2018

It is likely that the AKS configuration for tunneling would need some tweaking to work with Halyard. The most supported path here is for GCP and I suspect the command won't work with AKS or Amazon EKS.

The documentation suggests you try the other alternative paths, such as exposing your node publicly after adding authentication https://www.spinnaker.io/setup/quickstart/faq/#i-want-to-expose-the-distributed-kubernetes-hosted-spinnaker-publicly .

-- Tomas Lin
Source: StackOverflow