
We have difficulty creating a private GKE cluster using a shared VPC with network peering. The default pool is created, but the nodes are not in good shape.

Error in notifications:

Create Kubernetes Engine cluster "azure-pipelines-cicd-dev" All cluster resources were brought up, but: only 0 nodes out of 3 have registered; this is likely due to Nodes failing to start correctly; check VM Serial logs for errors, try re-creating the cluster or contact support if that doesn't work.

And in the log (Serial port 1) of all VM instances, many similar errors were logged:

    [ 2264.118446] configure.sh[1054]: == Failed to download https://storage.googleapis.com/gke-release/npd-custom-plugins/v1.0.3/npd-custom-plugins-v1.0.3.tar.gz. Retrying. ==
    [ 2264.127757] configure.sh[1054]: https://www.googleapis.com/auth/devstorage.read_only
    [ 2284.154924] configure.sh[1054]: curl: (6) name lookup timed out
    [ 2284.155338] configure.sh[1054]: Warning: Problem : timeout. Will retry in 10 seconds. 6 retries left.

Please share any idea you have.

Lu Xin
  • Is that URL accessible from other VMs in the same VPC? – Kunal Deo Jun 02 '22 at 07:16
  • This is a routing/firewall issue: the VM instance cannot reach the Google Private APIs. The subnet which is hosting the cluster only has the Google Private Access enabled, but the default routing was removed. And the traffic was redirected to a peered network in another host project, which doesn't have Google Private Access enabled. After enabling the Google Private API on the other side of the peered network, the issue is fixed. – Lu Xin Jun 24 '22 at 13:43

0 Answers
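
The serial-port errors quoted in the question can be triaged by curl exit code to see which network layer failed during node bootstrap: exit code 6, seen above, means name resolution failed before any connection to storage.googleapis.com was attempted. The script below is an added example, not part of the original post; the function names are hypothetical, and the last two sample log lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): triage GKE node serial-console output.
# Real input would come from:
#   gcloud compute instances get-serial-port-output INSTANCE --zone ZONE --port 1

# Sample input: the first three lines are from the question, the last two are constructed.
SAMPLE_LOG='[ 2264.118446] configure.sh[1054]: == Failed to download https://storage.googleapis.com/gke-release/npd-custom-plugins/v1.0.3/npd-custom-plugins-v1.0.3.tar.gz. Retrying. ==
[ 2284.154924] configure.sh[1054]: curl: (6) name lookup timed out
[ 2284.155338] configure.sh[1054]: Warning: Problem : timeout. Will retry in 10 seconds. 6 retries left.
[ 2314.201113] configure.sh[1054]: curl: (6) name lookup timed out
[ 2350.000000] configure.sh[1054]: curl: (7) Failed to connect to storage.googleapis.com port 443'

# Map a curl exit code to the layer that failed.
curl_failure_class() {
  case "$1" in
    6)     echo "dns" ;;      # could not resolve host
    7)     echo "connect" ;;  # TCP connect failed (route or firewall)
    28)    echo "timeout" ;;  # operation timed out
    35|60) echo "tls" ;;      # TLS handshake or certificate failure
    *)     echo "other" ;;
  esac
}

# Read serial output on stdin; print one "class count" line per failure class.
summarize_bootstrap_failures() {
  grep -E 'configure\.sh\[[0-9]+\]: curl: \([0-9]+\)' \
    | grep -oE 'curl: \([0-9]+\)' \
    | sed -E 's/[^0-9]//g' \
    | while read -r code; do curl_failure_class "$code"; done \
    | sort | uniq -c | awk '{print $2, $1}'
}

# Read serial output on stdin; print the distinct hosts whose downloads failed.
failed_download_hosts() {
  grep -E 'configure\.sh\[[0-9]+\]: == Failed to download ' \
    | sed -E 's#.*Failed to download https?://([^/ ]+).*#\1#' \
    | sort -u
}

printf '%s\n' "$SAMPLE_LOG" | summarize_bootstrap_failures
printf '%s\n' "$SAMPLE_LOG" | failed_download_hosts
```

A log dominated by `dns` failures points at name resolution from the node subnet, while `connect` or `timeout` failures point at the route or firewall path to the Google API endpoints.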