HTTP/2 302 error when forwarding a deployment on Kubernetes

7/12/2019

I have deployed elasticsearch/kibana helm chart with security enabled on Kubernetes, the tests show that everything is working just fine and the test is working with curl on local ,

for elasticsearch:

{
  "cluster_name" : "security",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3,
  "active_primary_shards" : 3,
  "active_shards" : 6,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

curl -I -k -u elastic:$Password https://localhost:5601/app/kibana

HTTP/1.1 200 OK
content-security-policy: script-src 'unsafe-eval' 'nonce-hVJdRFhEJHdFV5kW'; worker-src blob:; child-src blob:
kbn-name: kibana
kbn-xpack-sig: 0ebe654e32c040bd4b2aff05c3931890
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 81348
vary: accept-encoding
connection: close
Date: Thu, 11 Jul 2019 11:23:38 GMT

but when I forward the deployment to get the UI I get this error:

Error:

Could not connect to Cloud Shell on port 8080.

Ensure your server is listening on port 8080 and try again.

Also when I curl the forwarded link it shows me HTTP/2 302 error.

I used 2 methods one using the UI of google cloud platform to expose the service UI used to expose the service, and the other is using the port forwarding using the shell :

&& echo "# When the next line says 'Forwarding from...', go to: https://ssh.cloud.google.com/devshell/proxy?port=8080" && kubectl port-forward $(kubectl get pod --selector="app=kibana,release=
helm-kibana-security" --output jsonpath='{.items[0].metadata.name}') 8080:5601--project test-dev \
Fetching cluster endpoint and auth data.orwarding from...', go to: https://ssh.cloud.google.com/devshell/proxy?port=8080" && kubectl port-forward $(kubectl getpod --selector="app=kibana,release=h
kubeconfig entry generated for test-backend.
# When the next line says 'Forwarding from...', go to: https://ssh.cloud.google.com/devshell/proxy?port=8080
Forwarding from 127.0.0.1:8080 -> 5601

Can anyone help me, please?

-- M.Bou
kibana
kubernetes

1 Answer

7/31/2019

This looks like a Firewall rule issue.

You can create additional rules via the Console > your Project > Networking > VPC network > Firewall rules > Create Firewall Rule.

You can customize your rules by following this guide.

Target tags can also be removed if needed.

If that won't work than edit the default-allow-internal rule to accept traffic from whatever you'd like.

Please let me know if that helped.

-- OhHiMark
Source: StackOverflow