Hello Bitbucket Community,
I am using the custom helm chart and wanted to deploy it to the private AKS AAD enabled cluster using the bitbucket pipeline.
I am trying to use the invoke command to run it by using the variables;
+ az aks command invoke --resource-group "$DEV_RESOURCE_GROUP" --name "$DEV_AKS_NAME" --command "$HELM_UPGRADE_COMMAND"
Error: path "/opt/atlassian/pipelines/agent/build/charts/xxxx" not found
+ az aks command invoke --resource-group "$DEV_RESOURCE_GROUP" --name "$DEV_AKS_NAME" --command "helm upgrade $HELM_CHART_NAME /opt/atlassian/pipelines/agent/build/charts/xxxx --namespace $NAMESPACE --set=image.tag=0.0.1-xxxx --wait --install"
ERROR: (KubernetesOperationError) Failed to run command in managed cluster due to kubernetes failure. details: Get "
https://x.x.x.x:443/api/v1/namespaces/aks-command/pods/command-xxxx
": net/http: TLS handshake timeout
Code: KubernetesOperationError
Message: Failed to run command in managed cluster due to kubernetes failure. details: Get "
https://x.x.x.x:443/api/v1/namespaces/aks-command/pods/command-xxxx
": net/http: TLS handshake timeout
Hello @Pritam Amin and welcome to the Community!
I'm not very familiar with AKS helm deployments, but our development team has created a bitbucket pipe that simplifies helm deployments to AKS when using pipelines, which you can check below :
I would suggest taking a look at that pipe's documentation as it contains multiple examples of configuration and what needs to be setup on the Azure side as well, so you can use it as a base for setting up your pipelines for helm deployments.
Thank you, @Pritam Amin !
Patrik S
Hi @Patrik S ,
Thank you for your response!!
As this is method will work for AAD enable cluster but not for private AKS.
Is there any alternative workaround for the private AKS with AAD enabled cluster?
Thanks!!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello @Pritam Amin ,
From the error being returned "TLS handshake timeout
" it seems like pipelines are not able to connect to the AKS instance, likely because it's set to private. The resource you are trying to access needs to be available on the internet so Pipelines can access it.
One thing I can suggest is that if AKS applies any sort of firewall in front of your instance, you might need to allow the Bitbucket Pipelines IP addresses. If that also does not work, I would recommend reaching out to Azure support to get assistance on how to configure the AKS instance to accept external requests from the internet coming from the Pipelines IPs.
Thank you, @Pritam Amin !
Patrik S
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.