We have created a self managed kubernetes cluster using the kubeadm approach. It is a 3 node cluster hosted on AWS EC2 instances (1-Master and 2-Slaves).

We have created a separate NGINX server to route the requests for different applications deployed on K8S cluster.

This NGINX server is linked to AWS ALB along with an openssl self-signed certificate so that the Cluster is accessible only via HTTPS Listener PORT i.e. 443.

Also, we have linked one separate ALB with K8S Master to access K8S Dashboard / K8S Api Server.

We are using Jenkins to create jobs for automated deployment in K8S cluster. However, when we run the job intermittently we get TLS handshake timeout.

For instance:- if we run below command:

kubectl get pods --insecure-skip-tls-verify=true

We get an error:

Unable to connect to the server: net/http: TLS handshake timeout

On multiple re-runs the command runs successfully.

We are using the latest version of Kubernetes i.e. 1.15 version

We have been struggling to find a permanent solution to this.

How can I fix it?

4

1 Answer

Our Architecture is roughly as follows:-

EndUser <- ALB1 <- NGINX Server (where routing rules to access applications hosted on K8S Cluster are in place)

EndUser <- ALB2 <- K8S Master (used to access K8S Dashboard or send request to Kube API Server)

It looked like whenever a request was made to ALB2 from Jenkins Server to connect K8S Cluster at times packets were getting lost and hence we were getting intermittent time out issue.

We have replaced AWS ALB with Classic ELB and this has resolved out intermittent time-out issue.

Hope this helps.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy