Cluster information:
Kubernetes version: 1.28.0
Cloud being used: bare-metal
Installation method: Kubespray
Host OS: Ubuntu 22.04
CNI and version: Calico 3.26.4
CRI and version: Containerd 2
Hi, I am running a kubernetes cluster for monitoring platform.
I’ve set up Ingresses for accessing applications.(with SSL using cert-manager
) I was trying to deploy kubernetes-metrics-server
but endpoints are missing, So I googled and follow the instruction. the instruction was re-issuing kubernetes certs with cfssl
, And I missconfigured cert’s name. after I noticed I configured wrong, I restore the certs files with correct name! But I can not access via Ingress like there are no logs, just showing “this site can’t be reached”
I can access with the actual node’s IP, not LoadBalancer’s external IP. I don’t know what is wrong and what should I search for.
your help or at least guessing is very appreciate.
when you do a “kubectl get ingress” do you see the ip of the ingress?
when you do a “describe service X” do you see the pod ip:port combos in the “endpoints” section?
Do all your ports match up? ingress → 443 , service X , pod port X ?
Are you pods passing readiness checks?
What does HPA say? do it see “ready” pods?
What does it say in “kubectl events”
1 Like
all looks fine, I can not figure out what the problem is. So I just did re-cluster kubernetes
Thanks for the reply!
Hi David,
as I replied I re-clustered kubernetes. and now I seeing the same error again.
Beside kubernetes-metrics-server
, I’ve deployed MetalLB, Nginx Ingress Controller
I can see the externalIP on the nginx-ingress-controller
service and It was worked fine then suddenly it fails for TLS handshake.
SSL certifications are valid and Ingress matches correct service, pod.
If you have any opinion , please let me know. Thank you