Is it possible to change ports on apiext deployment?
See original GitHub issuecontext:
we are migration ambassador edge stack from 1.14 to 2.2 and this port is blocking the webhooks in a EKS cluster with calico. I need to use hostNetwork for my webhooks due to calico and I need to chose a different port for the setup. If I use raw as is deployments from this tutorial: https://www.getambassador.io/docs/edge-stack/latest/topics/install/upgrade/yaml/edge-stack-1.14/edge-stack-2.2/ I get the following error:
kubectl -n ambassador logs -f aes-9598676c-56cv9
E0417 20:41:05.376019 1 reflector.go:138] pkg/kates/client.go:439: Failed to watch *unstructured.Unstructured: failed to list *unstructured.Unstructured: conversion webhook for getambassador.io/v2, Kind=Mapping failed: Post "https://emissary-apiext.emissary-system.svc:443/webhooks/crd-convert?timeout=30s": Address is not allowed
Issue Analytics
- State:
- Created a year ago
- Reactions:2
- Comments:6 (1 by maintainers)
Top Results From Across the Web
Configuring port settings - IBM
When you configure WebSphere Application Server resources or assign port numbers to other applications, you must avoid conflicts with other assigned ports.
Read more >Configure ports | Network | Northflank Application docs
Updating ports on your deployments will not require a restart. Protocol, Uses, Can be made public? HTTP(S)/1.1, Common web servers, websockets, Yes.
Read more >Getting Started with Emissary-ingress
Learn how to install Emissary-ingress with either Helm or kubectl to get started routing traffic from the edge of your Kubernetes cluster to ......
Read more >Changing website port on each deployment
Blue/green style deployments by varying the port number between each deployment.
Read more >Update Virtual Service Ports on VirtServer - SmartBear Support
On your computer, the service will use the same port it used before the deployment. Using web interface. To change the port from...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
hit the same issue with EKS cluster & Calico. The main reason is mentioned at Calico’s website: https://projectcalico.docs.tigera.io/getting-started/kubernetes/managed-public-cloud/eks
Basically the only thing we can do is to use
hostNetwork:true
, then apiext by default will only use8080, 8443
which obviously is not ideal. It should be configurable.For reference, cert-manager has a nice documentation exactly about this https://cert-manager.io/docs/installation/compatibility/ and they provide a nice configurable value
webhook.securePort
in their helm chart.@cindymullins-dw the configuration is required so that when
hostNetwork: true
is chosen that we could choose the ports to use. Currently the ports8080, 8443
could be taken up by another item on the host. By being able to configure it, we could set it ourselves if there are conflicts.I’m happy to create a PR for this. I’m just not sure how best to set the values? ENV variables seem the easiest