[Resolved] error updating CloudFront Distribution: InvalidArgument: The parameter Header Name contains Cloudfront-Viewer-Address that is not allowed.

 

Issue:- 

Terraform run time error on apply that the parameter Header Cloudfront-Viewer-Address is not allowed

Error:- 

  error updating CloudFront Distribution: InvalidArgument: The parameter Header Name contains Cloudfront-Viewer-Address that is not allowed.

Effect:-

SCloudfront-Viewer-Address contains the IP Address of the viewer that sent the request to Cloudfront, and the port used for the request. For e.g 3.110.159.137:443. Because the header is not whitelisted the same value is not available in the system.

Resolution:-

Change the configuration under the Behaviours in the cloudfront from Legacy cache settings to Legacy cache settings to Cache policy and origin request policy (recommended)

Explanation:-

The header cloudfront-viewer-address is supported by the Legacy cache settings to Cache policy and origin request policy (recommended) only and you cannot use it with the Legacy cache settings as per the AWS Documentation.

[Solved] NodePort only responding on node where pod is running

 The solution for the above problem has been discussed in the link below

https://www.unixcloudfusion.in/2022/02/solved-caliconode-is-not-ready-bird-is.html

[Solved] calico/node is not ready: BIRD is not ready: BGP not established (Calico 3.6 / k8s 1.14.1)

 

Issue:- 

The Issue was first recognised after we expose a service using the Nodeport and tried to access over the localhost on other node followed by Nodeport number. But the curl request failed with timeout

On Inspecting the containers of the master node one of the containers of the calico node was not ready.

When I used the describe container for that service it gave the error mentioned below.

Error:- 

  Normal   Created    14m                kubelet            Created container calico-node

  Normal   Started    14m                kubelet            Started container calico-node

  Warning  Unhealthy  14m (x3 over 14m)  kubelet            Readiness probe failed: calico/node is not ready: BIRD is not ready: Error querying BIRD: unable to connect to BIRDv4 socket: dial unix /var/run/calico/bird.ctl: connect: connection refused

  Warning  Unhealthy  14m                kubelet            Readiness probe failed: 2022-02-13 06:15:58.211 [INFO][210] confd/health.go 180: Number of node(s) with BGP peering established = 0

calico/node is not ready: BIRD is not ready: BGP not established with 172.31.127.174,172.31.126.126

  Warning  Unhealthy  14m  kubelet  Readiness probe failed: 2022-02-13 06:16:08.297 [INFO][259] confd/health.go 180: Number of node(s) with BGP peering established = 0

calico/node is not ready: BIRD is not ready: BGP not established with 172.31.127.174,172.31.126.126

  Warning  Unhealthy  14m  kubelet  Readiness probe failed: 2022-02-13 06:16:18.333 [INFO][285] confd/health.go 180: Number of node(s) with BGP peering established = 0

Effect:-

So one of the calico container was failing and still it didn't seem to be an issue until we tried to expose the service and tried to access the service. After much troubleshooting and recreating , figured out that this is because one of the calico pod was down. This restricted the access of the nodeport service from the other ports. This issue was observed in the kubernetes version 1.23.3.

You would need to modify the calico.yaml file before applying the yaml to your kubernetes cluster.

Understanding DNS for services and pods in kubernetes

Low Latency with AWS Local Zones

[Error response from daemon: rpc error: code = Unknown desc = constraint expected one operator from ==, !=]

 

Issue:- 

So received the error while deploying the visualizer , specifically for putting the constraint node.role=manager.

Error:- 

[root@managernode ~]# docker service create --name=viz --publish=8080:8080/tcp --constraint==node.role=manager --mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock dockersamples/visualizer

Error response from daemon: rpc error: code = Unknown desc = constraint expected one operator from ==, !=

Resolution:-

You need to use the == beween the node.role==manager in order to solve the problem so the command should be

[root@managernode ~]# docker service create --name=viz --publish=8080:8080/tcp --constraint==node.role==manager --mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock dockersamples/visualizer

Error response from daemon: rpc error: code = Unknown desc = constraint expected one operator from ==, !=

[Solved] invalid argument "type=bind," for "--mount" flag: invalid field '' must be a key=value pair

Issue:- 

The issue occured while specifying docker to use the bindmount for the volume with following command

docker service create --name=viz --publish=8080:8080/tcp --constraint=node.role==manager --mount=type=bind, src=/var/run/docker.sock,dst=/var/run/docker.sock dockersamples/visualizer

Error:- 

 invalid argument "type=bind," for "--mount" flag: invalid field '' must be a key=value pair

Resolution:-

The issue is coming because there is a space between the , and src in the above command. Make sure there is no space between mount=type=bind, src=/var/run/docker.sock like mount=type=bind,src=/var/run/docker.sock Than it should work fine.

docker service create --name=viz --publish=8080:8080/tcp --constraint=node.role==manager --mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock dockersamples/visualizer

Jenkins dynamic slaves on kubernetes part V