During the cluster installation, I am not able to get access to the Operations Center in my EKS cluster.
Following the setup instructions shown here, reviewing the Load Balancer (LB) settings using AWS console, I found that the certificate provided in the values file was not showing in the LB.
Additionally, when reviewing the logs for the load balancer pod, there were errors like the one shown below:
[error] 91#91: *353 broken header: g9��Z��%�_���9��8��y�;v�D�C��<�n�/�+�0�,��'g�(k�$�� ����jih9876�2�.�*�&���=" while reading PROXY protocol, client:
- CloudBees CI (CloudBees Core)
- CloudBees CI (CloudBees Core) on modern cloud platforms - Managed Master
- CloudBees CI (CloudBees Core) on modern cloud platforms - Operations Center
- Amazon EKS
Review our ingress controller installation guide and ensure that you are using a CLB load balancer.
The problem is most likely related to the fact that instead of using a CLB L4 load balancer, we have configured an NLB L4 load balancer, and this has consequences in the product behavior because:
The Proxy Protocol cannot be configured from k8s at the moment for NLB using the annotations
NLB TLS support arrived later on in AWS and has been added to version 1.15.x of k8s. At the moment of writing this article EKS 1.15.x is not GA, it is therefore not possible to use the annotation service.
- CloudBees CI (CloudBees Core) 18.104.22.168