Tekton on private Kubernetes cluster on GCP / GKE

12/23/2019

I have installed Tekton on a private Kubernetes cluster. After that I wanted to create my first resource but got an exception:

Internal error occurred: failed calling webhook "webhook.tekton.dev": Post https://tekton-pipelines-webhook.tekton-pipelines.svc:443/?timeout=30s: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

As far as I know, it is because of a restriction on the private cluster. My question is whether it is possible to change the port in the POST URL to use 8443 instead of 433?

-- andi
google-cloud-platform
google-kubernetes-engine
kubernetes
tekton

1 Answer

12/24/2019

You need to manually define a firewall rule to handle your Tekton webhook requests. For example:

Assuming that 10.44.0.0/14 is your endpoints network:

Name:              test
Namespace:         tekton-pipelines
Labels:            app.kubernetes.io/component=webhook-controller
                   app.kubernetes.io/name=tekton-pipelines
Annotations:       <none>
Selector:          app=tekton-pipelines-webhook
Type:              ClusterIP
IP:                10.0.3.240
Port:              <unset>  8443/TCP
TargetPort:        8443/TCP
Endpoints:         10.44.2.76:8443
Session Affinity:  None
Events:            <none>

You can find full problem explanation here:

https://github.com/kubernetes/kubernetes/issues/79739

-- Maciej Marczuk
Source: StackOverflow
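
The firewall rule the answer describes, sketched as a gcloud command. This is an added example, not part of the original answer. It reads the webhook port from the `kubectl describe` output above and scopes the rule to that port only, from the control-plane range to the nodes. The rule name, network name, node tag and the control-plane CIDR 172.16.0.0/28 are placeholder assumptions to be replaced with the cluster's own values.

```sh
#!/bin/sh
# Constructed sample: part of the `kubectl describe service` output from the answer.
SAMPLE_DESCRIBE='Type:              ClusterIP
IP:                10.0.3.240
Port:              <unset>  8443/TCP
TargetPort:        8443/TCP
Endpoints:         10.44.2.76:8443'

# Read describe output on stdin; print the unique endpoint ports as a csv list.
endpoint_ports() {
  awk '/^Endpoints:/ {
         n = split($2, eps, ",")
         for (i = 1; i <= n; i++)
           if (eps[i] ~ /:[0-9]+$/) { sub(/^.*:/, "", eps[i]); print eps[i] }
       }' | sort -un | paste -sd, -
}

# Build (do not run) the gcloud command for an ingress rule that lets the
# control plane reach the webhook pods on the nodes.
# Args: rule name, VPC network, control-plane CIDR, node network tag, ports (csv).
build_rule() {
  fw_name=$1; fw_network=$2; fw_source=$3; fw_tag=$4; fw_ports=$5
  case $fw_source in
    ''|0.0.0.0/0)
      # Least privilege: only the control plane needs to call the webhook.
      echo "refusing: source must be the control-plane CIDR" >&2
      return 1 ;;
  esac
  [ -n "$fw_ports" ] || { echo "no endpoint ports found" >&2; return 1; }
  # 8443,9443 -> tcp:8443,tcp:9443
  fw_rules=$(printf '%s' "$fw_ports" | sed 's/,/,tcp:/g; s/^/tcp:/')
  printf 'gcloud compute firewall-rules create %s --network %s --direction INGRESS --action ALLOW --source-ranges %s --target-tags %s --rules %s\n' \
    "$fw_name" "$fw_network" "$fw_source" "$fw_tag" "$fw_rules"
}

# Placeholder values (assumptions): replace with the real network, tag and CIDR.
build_rule allow-master-to-tekton-webhook my-vpc 172.16.0.0/28 gke-my-cluster-node \
  "$(printf '%s\n' "$SAMPLE_DESCRIBE" | endpoint_ports)"
```

The script only prints the command, so it can be reviewed before anything is changed in the project.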