Closed bzlom closed 1 month ago
Hi @bzlom , we’ve released a new version to address this “Deadline exceeded’ error which may help here. Please upgrade to 2.7.6. Also, if you're using a private cluster you’ll need to adjust your firewall rules and we can provide more info on that if relevant.
@cindymullins-dw hi, sorry for the very late reply. I've tried the same thing with telepresence version 2.12.0
. I'm getting the same result but different errors this time around. It works fine when I don't apply any RBAC settings on telepresence side and I'm able to connect
and intercept
pods just fine. When I apply any RBAC policies on telepresence, same as in my original message I get errors like these:
# telepresence intercept some-random-pod --port 8080:8080 -n oos
telepresence intercept: error: connector.CreateIntercept: request timed out while waiting for agent user-management-client-api-v4.oos to arrive: Events that may be relevant:
AGE TYPE REASON OBJECT MESSAGE
30s Warning FailedCreatePodSandBox pod/user-management-client-api-v4-6684bf74d-mcv6n Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "b7b29e195e0bb5913cbf626770fac5b012d7ac9b9d660c87015055af19a9d1d8": plugin type="aws-cni" name="aws-cni" failed (add): add cmd: failed to assign an IP address to container
18s Warning FailedCreatePodSandBox pod/user-management-client-api-v4-6684bf74d-mcv6n Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "f5e6d490198b8c767118205998b2850568afd111b7d085e4cf761576000666f4": plugin type="aws-cni" name="aws-cni" failed (add): add cmd: failed to assign an IP address to container
7s Warning FailedCreatePodSandBox pod/user-management-client-api-v4-6684bf74d-mcv6n Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "39b296965e86c87155cbfd708b6764ae4f3de78dccc90b4a8e1d32bb9afc318d": plugin type="aws-cni" name="aws-cni" failed (add): add cmd: failed to assign an IP address to container
And after getting the error above (once or a few times) I start getting this one:
telepresence intercept some-random-pod --port 8080:8080 -n oos
telepresence intercept: error: connector.CreateIntercept: request timed out while waiting for agent user-management-client-api-v4.oos to arrive
@bzlom , your config looks ok and we would expect this to work. Unfortunately, the error is not informative enough to help. If you can submit logs we'll look into those, and as always we do recommend upgrading to the latest version.
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment, or this will be closed in 7 days.
This issue was closed because it has been stalled for 7 days with no activity.
Describe the bug Trying to restrict
telepresence intercept
to specific k8s namespaces by following this guide https://www.telepresence.io/docs/latest/install/helm/. If I install telepresence without any RBAC settings (managerRbac.namespaces) everything works as expected: I'm able totelepresence connect
and thentelepresence intercept
with no issues. When I add RBAC setting with-f values.yaml
I'm unable to intercept any services.Debug logs attached: telepresence_logs.zip
To Reproduce Steps to reproduce the behavior:
where values.yaml looks like:
telepresence connect
with no issuesExpected behavior Be able to run
telepresence intercept
with RBAC limits to specific k8s namespacesVersions (please complete the following information):
telepresence version
: Client: v2.7.0 (api v3) Root Daemon: v2.7.0 (api v3) User Daemon: v2.7.0 (api v3)telepresence
commands: Ubuntu 20.04.4Additional context k8s context file is present in $KUBECONFIG environment variable