Description
It becomes impossible to connect to the Kubernetes cluster once the kube-apiserver is configured to accept TLS 1.3 and higher.
The error obtained is :
The SSL connection could not be established, see inner exception.
Stack Trace :
à System.Net.Http.ConnectHelper.d__2.MoveNext()
à System.Threading.Tasks.ValueTask1.get_Result() à System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable1.ConfiguredValueTaskAwaiter.GetResult()
à System.Net.Http.HttpConnectionPool.d__97.MoveNext()
à System.Threading.Tasks.ValueTask1.get_Result() à System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable1.ConfiguredValueTaskAwaiter.GetResult()
à System.Net.Http.HttpConnectionPool.d__78.MoveNext()
à System.Threading.Tasks.TaskCompletionSourceWithCancellation1.<WaitWithCancellationAsync>d__1.MoveNext() à System.Threading.Tasks.ValueTask1.get_Result()
à System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable1.ConfiguredValueTaskAwaiter.GetResult() à System.Net.Http.HttpConnectionPool.<GetHttp2ConnectionAsync>d__80.MoveNext() à System.Threading.Tasks.ValueTask1.get_Result()
à System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable1.ConfiguredValueTaskAwaiter.GetResult() à System.Net.Http.HttpConnectionPool.<SendWithVersionDetectionAndRetryAsync>d__84.MoveNext() à System.Threading.Tasks.ValueTask1.get_Result()
à System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable1.ConfiguredValueTaskAwaiter.GetResult() à System.Net.Http.RedirectHandler.<SendAsync>d__4.MoveNext() à System.Net.Http.HttpClient.<<SendAsync>g__Core|83_0>d.MoveNext() à k8s.Kubernetes.<SendRequestRaw>d__48.MoveNext() à k8s.AbstractKubernetes.<k8s-ICoreV1Operations-ListNamespaceWithHttpMessagesAsync>d__19.MoveNext() à k8s.CoreV1OperationsExtensions.<ListNamespaceAsync>d__15.MoveNext() à k8s.CoreV1OperationsExtensions.ListNamespace(ICoreV1Operations operations, Nullable1 allowWatchBookmarks, String continueParameter, String fieldSelector, String labelSelector, Nullable1 limit, String resourceVersion, String resourceVersionMatch, Nullable1 sendInitialEvents, Nullable1 timeoutSeconds, Nullable1 watch, Nullable1 pretty) à Cogiweb.Logging.Collector.Services.Kubernetes.KubernetesEventWatcher.GetLogs(Nullable1 since, Boolean follow) dans C:\projets\cogiweb.logging\Cogiweb.Logging.Collector\Services\Kubernetes\KubernetesEventWatcher.cs :ligne 59
à Cogiweb.Logging.Collector.Services.Kubernetes.KubernetesEventWatcher.GetTodaysEvents() dans C:\projets\cogiweb.logging\Cogiweb.Logging.Collector\Services\Kubernetes\KubernetesEventWatcher.cs :ligne 39
à Cogiweb.Logging.Collector.Services.EventWatcher.CheckForMissed() dans C:\projets\cogiweb.logging\Cogiweb.Logging.Collector\Services\EventWatcher.cs :ligne 46
à Cogiweb.Logging.Collector.Services.LogCollector.Run() dans C:\projets\cogiweb.logging\Cogiweb.Logging.Collector\Services\LogCollector.cs :ligne 43
à System.Threading.Thread.StartCallback()
Kubernetes C# SDK Client Version
11.0.9
Server Kubernetes Version
1.25.6
Dotnet Runtime Version
net6
To Reproduce
Create a Kubernetes cluster with the following configuration :
cat > ./kubeadm_conf.yml <<EOF
apiVersion: kubeadm.k8s.io/v1beta3
kind: InitConfiguration
nodeRegistration:
criSocket: "unix:///run/containerd/containerd.sock"
---
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
kubernetesVersion: v1.25.6
clusterName: "test"
networking:
podSubnet: "10.244.0.0/16" # --pod-network-cidr
controlPlaneEndpoint: "[PUT_YOUR_IP_ADDRESS]:6443"
apiServer:
extraArgs:
tls-min-version: "VersionTLS13"
EOF
sudo kubeadm init --config ./kubeadm_conf.yml --upload-certs
# Copy the configs:
mkdir -p $HOME/.kube
sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Where do you run your app with Kubernetes SDK (please complete the following information):
- OS: Windows 10
- Environment : native
- On prem