Consul proxydefaults - resources are not synced to Consol in VM - kubernetes federation

tmiroslav · December 10, 2021, 12:20pm

I was following those instructions to create Consul VM - kubernetes federation, where VM Consul cluster was my primary. And it worked as expected. Services between 2 Consul datacenters were able to communicate. But, I was seeing that resources were not SYNC to Consol, as expected here
Here is what I have:

kubectl get proxydefaults global -n consul
NAME     SYNCED   LAST SYNCED   AGE
global   False                  9m58s

How I can SYNC this? What issue I can face because of this?
As I sad, I do have connection between 2 services from diff datacenters.

lkysow · December 13, 2021, 6:28am

Can you run kubectl describe proxydefaults global -n consul to find out the syncing error?

tmiroslav · December 13, 2021, 12:26pm

Hi @lkysow
This is printout from above command:

kubectl describe proxydefaults global -n consul
Name:         global
Namespace:    consul
Labels:       <none>
Annotations:  <none>
API Version:  consul.hashicorp.com/v1alpha1
Kind:         ProxyDefaults
Metadata:
  Creation Timestamp:  2021-12-03T14:56:53Z
  Finalizers:
    finalizers.consul.hashicorp.com
  Generation:  2
  Managed Fields:
    API Version:  consul.hashicorp.com/v1alpha1
    Fields Type:  FieldsV1
    fieldsV1:
      f:metadata:
        f:finalizers:
          .:
          v:"finalizers.consul.hashicorp.com":
      f:spec:
        f:expose:
      f:status:
        .:
        f:conditions:
    Manager:      consul-k8s-control-plane
    Operation:    Update
    Time:         2021-12-03T14:56:53Z
    API Version:  consul.hashicorp.com/v1alpha1
    Fields Type:  FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .:
          f:kubectl.kubernetes.io/last-applied-configuration:
      f:spec:
        .:
        f:meshGateway:
          .:
          f:mode:
    Manager:         kubectl-client-side-apply
    Operation:       Update
    Time:            2021-12-03T14:56:53Z
  Resource Version:  3163798
  UID:               2b2a1d95-9631-4571-8bac-a80ced198cca
Spec:
  Expose:
  Mesh Gateway:
    Mode:  local
Status:
  Conditions:
    Last Transition Time:  2021-12-13T12:24:55Z
    Message:               config entry already exists in Consul
    Reason:                ExternallyManagedConfigError
    Status:                False
    Type:                  Synced
Events:                    <none>

lkysow · December 13, 2021, 5:46pm

Message:               config entry already exists in Consul

So it looks like there is already a proxy-defaults config set. It’s a global config between all datacenters so there can only be one, either in VMs or managed by one Kube cluster.

If you want to use Kubernetes then you should delete the existing proxy-defaults config: consul config delete -kind proxy-defaults -name global.

tmiroslav · December 14, 2021, 8:10am

Hi @lkysow

This works! After removing proxy-default in Consul VM, it is getting SYNC.

Thank you!