microsoft / mindaro Goto Github PK

From what we've seen, this is related to enabling on an AKS cluster AAD managed authentication where multi-factor authentication is required. Potentially, this might also be caused by other AAD managed authentication settings.

Symptoms of the issue:

As of today, Visual Studio pulls a temporary kubeconfig when configuring Bridge to Kubernetes. Depending on the AKS' cluster settings, it might be needed at this point to approve the device for login, but this scenario is not handled properly by Bridge to Kubernetes.
This explains why if you run a similar command in kubectl, it works: the device login was most likely already configured there.

• Short term workaround: please consider using the VS Code extension. Because it doesn't pull any temporary kubeconfig (it only relies on the default one in %UserProfile%/.kube/config), if you're able to run kubectl get namespaces on your default kubeconfig, then you should be setup properly.
  How to use Bridge to Kubernetes in VS Code

• Middle term workaround (available now, cf. @danegsta's answer below): we're working to persist the kubeconfigs pulled in Visual Studio. That way, it would be possible to run the device login flow on it once and get unblocked.

• Long term solution: we're evaluating how we can handle this kind of auth issues without reimplementing the same authentication logic present in kubectl.

Describe the bug
I installed the Bridge to Kubernetes GA version and opened an existing project the launch.json did not get updated to support the add-in. I tried to manually add it using the template support however there is no template for it

To Reproduce
Open a project that it hasn't been used on

Expected behavior
I'd expect it to add a new configuration to the launch.json

Logs

Environment Details
Client used
VS Code:

Hi. I wanted to try Bridge to Kubernetes and I am really interested in it since it solves some of my major challenges but I am facing a few issues. Thought of consolidating them to one issue here. Requesting your prioritization.

1. Unable to use with Remote SSH

If I try to install in Remote SSH (Ubuntu 20.04 remote), the remote ssh connection disconnects again and again repeatedly. It works fine if I uninstall/disable this extension.

As a temporary workaround, I tried to install VSCode remotely, used RDP to get in and tried it out.

2. Does not work when the kubeconfig has a proxy-url

kubectl v1.19.x introduced a proxy-url flag (kubernetes/client-go#351) which is important if you connect to the K8 cluster via a bastion host. I have no problems using kubectl, helm canary and other tools with this flag but this extension does not work (I guess you are using an older version of the kubectl binary) and is not able to discover the services in my cluster since it does not use the flag and times out. And I am not sure how I would otherwise specify a proxy url for my cluster except for starting VSCode with the HTTPS_PROXY env vars. I guess, just upgrading the kubectl binary to the latest would make it work from your end.

3. Using with service mesh setup

I use Linkerd as the service mesh and have sidecars in all my containers. Supporting sidecars would be really important so that I need not have a separate config for development and a separate config for production.

4. Routing manager does not run as non-root or does not set security context

I have restricted privileges set in my cluster (same as this PSP: https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/policy/restricted-psp.yaml) and when I run bridge to kubernetes, the routing manager deployment fails with this error:

This is again very critical to maintain security while allowing bridge for kubernetes in development

And I get these error logs when connecting with the extension:

2020-10-21T18:21:45.0224329Z | MindaroCli | TRACE | Starting EndpointManager...
2020-10-21T18:21:45.0834135Z | MindaroCli | TRACE | Waiting for EndpointManager to come up ...\n
2020-10-21T18:21:52.6449050Z | MindaroCli | TRACE | EndpointManager came up successfully.\n
2020-10-21T18:21:55.9776382Z | MindaroCli | ERROR | Dependency: Service Run - Port Forward <json>{"target":null,"success":false,"duration":null,"properties":{"requestId":"null","clientRequestId":"null","correlationRequestId":"null"}}</json>
2020-10-21T18:21:55.9785155Z | MindaroCli | ERROR | ServiceConnectCommand.ExecuteInnerAsync caught exception System.NullReferenceException: Object reference not set to an instance of an object.\n   at Microsoft.DevSpaces.Library.Connect.KubernetesRemoteEnvironmentManager.<>c.<_GetPodAndContainerFromServiceAsync>b__38_7(V1ContainerPort p)\n   at System.Linq.Enumerable.SelectListIterator`2.ToList()\n   at System.Linq.Enumerable.ToList[TSource](IEnumerable`1 source)\n   at Microsoft.DevSpaces.Library.Connect.KubernetesRemoteEnvironmentManager._GetPodAndContainerFromServiceAsync(String namespaceName, String serviceName, String containerName, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Library.Connect.KubernetesRemoteEnvironmentManager.ResolveConnectionDetailsAndSaveContextAsync(RemoteContainerConnectionDetails remoteContainerConnectionDetails, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Library.ManagementClients.ConnectManagementClient.<>c__DisplayClass18_0.<<StartRemoteAgentAsync>b__0>d.MoveNext()\n--- End of stack trace from previous location where exception was thrown ---\n   at Microsoft.DevSpaces.Library.ManagementClients.DevSpacesManagementClientExceptionStrategy.RunWithHandlingAsync[T](Func`1 func, FailureConfig failureConfig)\n   at Microsoft.DevSpaces.Library.ManagementClients.ConnectManagementClient.StartRemoteAgentAsync(IProgress`1 progress, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Exe.Commands.Connect.ConnectCommand.ExecuteInnerAsync(IConnectManagementClient connectManagementClient, Action`1 workloadStartedHandler, CancellationToken cancellationToken, IRoutingManagementClient routingManagementClient)
2020-10-21T18:21:55.9790019Z | MindaroCli | ERROR | Connect operation failed.\n
2020-10-21T18:21:55.9795836Z | MindaroCli | TRACE | Stopping workload and cleaning up...\n
2020-10-21T18:21:55.9932861Z | MindaroCli | ERROR | Dependency: Service Run - Port Forward <json>{"target":null,"success":false,"duration":null,"properties":{"requestId":"null","clientRequestId":"null","correlationRequestId":"null"}}</json>
2020-10-21T18:21:55.9947392Z | MindaroCli | ERROR | Oops... An unexpected error has occurred.\n
2020-10-21T18:21:55.9952190Z | MindaroCli | ERROR | For diagnostic information, see logs at '/tmp/Bridge To Kubernetes'.\n
2020-10-21T18:21:55.9982099Z | MindaroCli | ERROR | Logging handled exception: System.NullReferenceException: {"ClassName":"System.NullReferenceException","Message":"Object reference not set to an instance of an object.","Data":null,"InnerException":null,"HelpURL":null,"StackTraceString":"   at Microsoft.DevSpaces.Library.Connect.KubernetesRemoteEnvironmentManager.<>c.<_GetPodAndContainerFromServiceAsync>b__38_7(V1ContainerPort p)\n   at System.Linq.Enumerable.SelectListIterator`2.ToList()\n   at System.Linq.Enumerable.ToList[TSource](IEnumerable`1 source)\n   at Microsoft.DevSpaces.Library.Connect.KubernetesRemoteEnvironmentManager._GetPodAndContainerFromServiceAsync(String namespaceName, String serviceName, String containerName, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Library.Connect.KubernetesRemoteEnvironmentManager.ResolveConnectionDetailsAndSaveContextAsync(RemoteContainerConnectionDetails remoteContainerConnectionDetails, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Library.ManagementClients.ConnectManagementClient.<>c__DisplayClass18_0.<<StartRemoteAgentAsync>b__0>d.MoveNext()\n--- End of stack trace from previous location where exception was thrown ---\n   at Microsoft.DevSpaces.Library.ManagementClients.DevSpacesManagementClientExceptionStrategy.RunWithHandlingAsync[T](Func`1 func, FailureConfig failureConfig)\n   at Microsoft.DevSpaces.Library.ManagementClients.ConnectManagementClient.StartRemoteAgentAsync(IProgress`1 progress, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Exe.Commands.Connect.ConnectCommand.ExecuteInnerAsync(IConnectManagementClient connectManagementClient, Action`1 workloadStartedHandler, CancellationToken cancellationToken, IRoutingManagementClient routingManagementClient)\n   at Microsoft.DevSpaces.Exe.Commands.Connect.ConnectCommand.ExecuteInnerAsync(IConnectManagementClient connectManagementClient, Action`1 workloadStartedHandler, CancellationToken cancellationToken, IRoutingManagementClient routingManagementClient)\n   at Microsoft.DevSpaces.Exe.Commands.Connect.ConnectCommand.ExecuteAsync()\n   at Microsoft.DevSpaces.Exe.DevSpacesCliApp.RunCommandAsync(String[] args, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Exe.DevSpacesCliApp.ExecuteAsync(String[] args, CancellationToken cancellationToken)","RemoteStackTraceString":null,"RemoteStackIndex":0,"ExceptionMethod":null,"HResult":-2147467261,"Source":"Microsoft.DevSpaces.Library","WatsonBuckets":null}
2020-10-21T18:21:55.9992596Z | MindaroCli | TRACE | Event: Command.End <json>{"properties":{"arguments":"connect --service tc-svc-account-svc --env /tmp/tmp-3175603yadn4ifjl9h9.env --script /tmp/tmp-3175603yadn4ifjl9h9.env.cmd --control-port 51792 --ppid 3175560 --elevation-requests [{\"requesttype\":\"edithostsfile\"}] --routing vignesh-1740 --local-port 3050","result":"Failed"},"metrics":{"duration":11888.0}}</json>

5. Very high resource usage

I am not sure why, but the moment I install Bridge for Kubernetes extension, I see my CPU and memory spiking up, a lot of processes running in the task manager (I am not sure if this extension is causing it, but I also see a lot of command prompts getting opened up) A lot of ssh processes are being left orphaned when this extension is installed.

With extension:

Without extension:

Environment details

Host: Windows 10 Home Insiders
Remote: Ubuntu 20.04

Trying with GKE private cluster via Bastion

VSCode (Windows):

Version: 1.50.1 (user setup)
Commit: d2e414d9e4239a252d1ab117bd7067f125afd80a
Date: 2020-10-13T15:06:15.712Z
Electron: 9.2.1
Chrome: 83.0.4103.122
Node.js: 12.14.1
V8: 8.3.110.13-electron.0
OS: Windows_NT x64 10.0.20201

VSCode (Linux):

Version: 1.50.1
Commit: d2e414d9e4239a252d1ab117bd7067f125afd80a
Date: 2020-10-13T14:44:48.716Z
Electron: 9.2.1
Chrome: 83.0.4103.122
Node.js: 12.14.1
V8: 8.3.110.13-electron.0
OS: Linux x64 5.4.0-1025-gcp

Kindly let me know if you need any other info.

CC: @rakeshvanga @greenie-msft

Need to use Azure or Google Cloud/AWS is supported for the PR integration?

Describe the bug
If you have existing services with names close to the default limit, the cloned service will then exceed this limit causing it to fail.

For example if I have a service named: my-amazing-service-name-called-service-1-20201109-testing and then use Bridge to Kubernetes to create a clone service to proxy, bridge to kubernetes extension returns an error

Failed to establish a connection. Error: Failed to get routing manager deployment status

Looking at the routing manager pod logs deployed into the namespace. It returns a message similar to the below (Redacted real names)

{
    "Request": {
        "Method": {
            "Method": "POST"
        },
        "RequestUri": "https://192.168.0.1/api/v1/namespaces/int/services",
        "Properties": {},
        "Content": "{\n  \"metadata\": {\n    \"annotations\": {\n      \"meta.helm.sh/release-name\": \"myReleaseName\",\n      \"meta.helm.sh/release-namespace\": \"myNamespace\"\n    },\n    \"labels\": {\n      \"app.kubernetes.io/managed-by\": \"Helm\",\n      \"chart\": \"myChart\",\n      \"component\": \"myComponent\",\n      \"release\": \"myRelease\",\n      \"routing.visualstudio.io/generated\": \"true\",\n      \"routing.visualstudio.io/triggerEntity\": \"my-ingress.i\"\n    },\n    \"name\": \"my-amazing-service-name-called-service-1-20201109-testing-cloned-routing-svc\",\n    \"namespace\": \"MyNamespace\"\n  },\n  \"spec\": {\n    \"ports\": [\n      {\n        \"name\": \"my-amazing-service-name-called-service-1-20201109-testing\",\n        \"port\": 80,\n        \"protocol\": \"TCP\",\n        \"targetPort\": 8080\n      }\n    ],\n    \"selector\": {\n      \"component\": \"myComponent\"\n    },\n    \"sessionAffinity\": \"None\",\n    \"topologyKeys\": [],\n    \"type\": \"ClusterIP\"\n  }\n}",
        "Headers": {
            "Authorization": [
                "49b25cd303121573"
            ],
            "Content-Type": [
                "application/json; charset=utf-8"
            ],
            "Content-Length": [
                "1040"
            ]
        }
    },
    "Response": {
        "StatusCode": 422,
        "ReasonPhrase": "Unprocessable Entity",
        "Content": "{\"kind\":\"Status\",\"apiVersion\":\"v1\",\"metadata\":{},\"status\":\"Failure\",\"message\":\"Service \\\"my-amazing-service-name-called-service-1-20201109-testing-cloned-routing-svc\\\" is invalid: metadata.name: Invalid value: \\\"my-amazing-service-name-called-service-1-20201109-testing-cloned-routing-svc\\\": must be no more than 63 characters\",\"reason\":\"Invalid\",\"details\":{\"name\":\"my-amazing-service-name-called-service-1-20201109-testing-cloned-routing-svc\",\"kind\":\"Service\",\"causes\":[{\"reason\":\"FieldValueInvalid\",\"message\":\"Invalid value: \\\"my-amazing-service-name-called-service-1-20201109-testing-cloned-routing-svc\\\": must be no more than 63 characters\",\"field\":\"metadata.name\"}]},\"code\":422}\n",
        "Headers": {
            "Audit-Id": [
                "9c010a90-7f8a-48f8-b43f-82e22ecc9da9"
            ],
            "Cache-Control": [
                "no-cache, private"
            ],
            "Date": [
                "Mon, 09 Nov 2020 15:04:25 GMT"
            ],
            "Content-Type": [
                "application/json"
            ],
            "Content-Length": [
                "672"
            ]
        }
    },
    "Body": null,
    "StackTrace": "   at k8s.Kubernetes.CreateNamespacedServiceWithHttpMessagesAsync(V1Service body, String namespaceParameter, String dryRun, String fieldManager, String pretty, Dictionary`2 customHeaders, CancellationToken cancellationToken)\n   at k8s.KubernetesExtensions.CreateNamespacedServiceAsync(IKubernetes operations, V1Service body, String namespaceParameter, String dryRun, String fieldManager, String pretty, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.RoutingManager.RoutingStateEstablisher.RunAsync(IDictionary`2 inputs, CancellationToken cancellationToken) in /src/routingmanager/RoutingStateEstablisher.cs:line 187\n   at Microsoft.DevSpaces.RoutingManager.RoutingManagerApp.RefreshAsync(CancellationToken cancellationToken) in /src/routingmanager/RoutingManagerApp.cs:line 253\n   at Microsoft.DevSpaces.RoutingManager.RoutingManagerApp.RefreshLoopAsync(CancellationToken cancellationToken) in /src/routingmanager/RoutingManagerApp.cs:line 190",
    "Message": "Operation returned an invalid status code 'UnprocessableEntity'",
    "Data": {},
    "InnerException": null,
    "HelpLink": null,
    "Source": "KubernetesClient",
    "HResult": -2146233088
}

This looks to be due to the dns-label limit of 63 characters.

https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names

To Reproduce
Create 2 deployments with pods in the namespace and have the services close to the character limit (63 chars) and use Bridge to Kubernetes with isolate mode enabled in VS code.

Expected behavior
Service name is truncated to keep below 63 characters

Environment Details
Client used (VS Code/Visual Studio): VS Code

Client's version: [email protected]
Operating System: Windows 10 1909

Is your feature request related to a problem? Please describe.
Our application runs on .Net Framework 4.7 in AKS and we are looking for a possibility to debug it in cluster.

Describe the bug
Visual Studio's Bridge to Kubernetes hangs on "Connecting to service ..." when trying to connect to gateway service in the BikeSharingApp sample.

To Reproduce
Open samples/BikeSharingApp/Gateway/app.csproj in Visual Studio and launch with the Bridge to Kubernetes profile.

Expected behavior
The VS instance should start a debugging session with the gateway service in AKS, just like how it works for the ReservationEngine.

Environment Details
Client used (VS Code/Visual Studio):
VS: 16.7.5
Operating System: Windows 10

Question
Does the gateway service need any additional configuration to be debug-able?

We are super excited to announce General Availability of Bridge to Kubernetes.

Formerly known as Local Process with Kubernetes, Bridge to Kubernetes is an iterative development tool offered in Visual Studio and VS Code that allows developers to write, test and debug microservice code on their development workstations while consuming dependencies and inheriting existing configuration from a Kubernetes environment.

Developers using Bridge to Kubernetes can:

• Increase efficiency by running code directly on development workstations.
• Develop and debug microservice code end-to-end in isolation from teammates.
• Separate development workflows from DevOps configuration.
• Satisfy external microservice dependencies by connecting to existing services running in the cluster.

Learn how to use Bridge to Kubernetes by following our quickstarts for Visual Studio and VS Code.

BUG:
./local-process-quickstart.sh: bad interpreter: /bin/bash^M: no such file or directory

FIX - sed -i -e 's/\r$//' local-process-quickstart.sh

Describe the bug
Suddenly not able to run Bridge to Kubernetes anymore due to bridgetokubernetes.azurecr.io images (lpkrestorationjob and lpkremoteagent) requiring authentication. This was working fine a few days ago.

k get pods

bikes-67c9756cf9-shkdm                  1/1     Running            0          87m
bikes-778c6d986c-4fg5r                  0/1     ImagePullBackOff   0          23s
bikes-restore-93253-zgz2x               0/1     ImagePullBackOff   0          14s

k describe pod bikes-778c6d986c-4fg5r

 Failed to pull image "bridgetokubernetes.azurecr.io/lpkremoteagent:0.1.4": [rpc error: code = Unknown desc = Error response from daemon: Get https://bridgetokubernetes.azurecr.io/v2/lpkremoteagent/manifests/0.1.4: unauthorized: Application not registered with AAD., rpc error: code = Unknown desc = Error response from daemon: Get https://bridgetokubernetes.azurecr.io/v2/lpkremoteagent/manifests/0.1.4: unauthorized: authentication required, visit https://aka.ms/acr/authorization for more information.]

To Reproduce
Run the included Launch via NPM with Kubernetes launch configuration that is included in the Bikes project.

Hi,
I am using AKS with K8s version 1.17.9.
in my cluster i have Istio install according to https://docs.microsoft.com/en-us/azure/aks/servicemesh-istio-install?pivots=client-operating-system-linux , with no other modifications.

when i am trying to run Bridge on this cluster i am having an error:

This error is only when i am trying to isolate the local version from other developers

Attached log files,
bridge-library-2020-11-12-06-32-06-2092.txt
bridge-mindarocli-2020-11-12-06-32-06-2092.txt

On same cluster setup without Istio, seems to work OK.

Please advise.

vscode version: 1.50.1
plugin version: v1.0.120201021

Bridge to kubernetes vscode extension detects both the cluster and the selected namespace.

But when trying to run the application with the task "Launch X with kubernetes" does not exist, nor exist documentation for writing a custom launch.json.

Bug

When you define two different ingresses that use the same domain but with different paths, isolation mode fails to start.

Watcher log

Only unique values for domains are permitted. Duplicate entry of domain .mysub.testuri.org

To Reproduce

1. Create an ingress YAML file for a domain with a path that points to a service
2. Create a second ingress YAML file with the same domain with a different path that points to a different service
3. Try and start Bridge to Kubernetes with isolation mode
4. Observe the error above

Expected Behavior

As with DevSpaces, support the ability to add multiple ingress definitions with different paths but the same domain.

Environment Details

Client used: Visual Studio
Client's version: 2019
Operating System: Windows 10

Additional context

We are currently using DevSpaces and this does work there. We are looking to migrate to Bridge to Kubernetes, but are blocked by this issue. The current suggested solution is to put all of the routes into a single large ingress file. This is problematic for independently deployed helm charts. In our case we have an API gateway with microservices as paths under the same domain. Depending on the deployment, different charts or microservices will be deployed, which adds certain paths. Example:

It would be difficult, and an anti-pattern to merge all of these microservices into a single helm chart ingress.yaml. Preferably each helm chart adds its own route, but to the same API gateway domain.

Describe the bug
Could not setup Local Process with Kubernetes in visual studio.

To Reproduce
1.Create a new AspNetCore Web Application
2.Switch debugger to Local Process with Kubernetes
3.Play
4.The drop down box of 'Namesapce' could not be selected.

Expected behavior
The namespace of 'dev' should display.

Logs

No logs files found in directory

Environment Details
Client used (VS Code/Visual Studio):

Visual Studio

Client's version:

Operating System:

Hi there, I am trying to use B2K with a cluster where RBAC is in place and I do not have access to the default namespace. I have configured vscode to use the namespace I want, in this case, namespace-a, and my service I am interested in is also in namespace-a. It appears from the logs that it is still querying the service list in default.

2020-11-03T19:45:17.6054269Z | Library | ERROR | Logging handled exception: Microsoft.Rest.HttpOperationException: {"Request":{"Method":{"Method":"GET"},"RequestUri":"https://my-cluster.azmk8s.io/api/v1/namespaces/default/services","Properties":{},"Content":null,"Headers":{"Authorization":["auth-code"]}},"Response":{"StatusCode":403,"ReasonPhrase":"Forbidden","Content":"{\"kind\":\"Status\",\"apiVersion\":\"v1\",\"metadata\":{},\"status\":\"Failure\",\"message\":\"services is forbidden:

Is this expected behaviour?

When using bridge to kubernetes connection dialog in visual studio no subscriptions show in the dropdown when trying to use an AzureUSGovernment account.

The problem seems to be caused by the wrong API being used to communicate with azure to get subscriptions.
Inspecting this problem with fiddler showed me it was using a get request to https://management.azure.com/subscriptions?api-version=2016-06-01 to get subscriptions for the dialog.

I believe for the azure us government account I'm using it should be using https://management.usgovcloudapi.net/subscriptions?api-version=2016-06-01 as I see the subscription I need in the response when I use postman to make the request. There doesn't seem to be anyway to change this and makes me think that bridge to kubernetes is not taking other azure clouds besides AzureCloud.

To Reproduce

1. using an azure us government account attempt to connect to bridge to kubernetes in visual studio (my version is 16.7.7 latest at writing).
2. add the account from the dialog (note adding the account with the correct government cloud in options>accounts doesn't populate the account in the user dropdown of the bridge dialog)
3. Selecting the government user in the dropdown yields no subscriptions, looking at the request behind the dialog is using the wrong endpoint address as I mentioned above.

Expected behavior
When selecting a valid government user in a government cloud it should find the subscriptions the user has access to using the correct api.

Logs
no logs relevant to this that I saw at those paths and nothing produced an error it simply didn't work.

Environment Details
Visual studio 2019 v16.7.7

Describe the bug
Namespaces does not list when using bridge to kubernetes.

I get the below error saying

cluserter_user*** does not have ...aprropriate auth credentials in kubeconfig

When I switch to that cluster locally which uses that user I can run kubectl commands and see namespaces so not sure why that dialog appears with that error

To Reproduce
Simply try connecting to Bridge to Kubernetes and
Namespace drop down wont list

Expected behavior
Namespace list should refresh

Logs
I cannot see any logs in my Wondows Temp directory

Environment Details
VS
Version 16.7.5

Client's version:
Operating System: Windows 10

Additional context
Add any other outputs from the clients or context you would like to share.

Describe the bug
When trying to create profile within Visual Studio no namespaces are listed and an red X is shown to right of namespace dropdown, with the tooltip "No Kubernetes cluster found. Please check your kubeconfig."

To Reproduce
I created brand new AKS Cluster, verison 1.17.11. First I had AKS cluster version 1.18.8 which also didn't work. I can successfully list namespaces using kubectl from command prompt.

Expected behavior
List the namespaces

Logs

bridge-mindarocli-2020-10-22-18-57-11-46272.txt
bridge-library-2020-10-22-18-57-12-46272.txt
2020-10-22T18-12-05.1546952.log

Environment Details
Client used (VS Code/Visual Studio): Visual Studio

Client's version:
Operating System: Windows 10 Pro

Hi folks,

According to the doc https://docs.microsoft.com/en-us/visualstudio/containers/bridge-to-kubernetes?view=vs-2019, bridge-quickstart.sh needs to be executed during the configuration.

When i browse the file https://github.com/microsoft/mindaro/blob/master/bridge-quickstart.sh, it seems like tightly coupled with the sample app (bikesharingapp).

Question, what should we do if we'd like to enable Bridge-to-Kubernetes to our own app (not the example bikesharingapp)?

I bet we won't be able to use the same bridge-quickstart.sh?

Or perhaps, could you provide guidance / doc in term of what needs to be changed / updated?

Is your feature request related to a problem? Please describe.
I would like to be able to use Bridge To Kubernetes along with Dapr.

Describe the solution you'd like
Bridge to Kubernetes needs to support Pods that have Sidecars

Describe alternatives you've considered
Not using Bridge to Kubernetes could be an option but it is less awesome.

Describe the bug
Using Visual Studio Bridge to Kubernetes extension.
I ran the "Bridge to Kubernetes" from VS.
It is in "connecting to "service" with cluster " windows for ever.

I also had infinite login, which I was able to mitigate by changing my default browser from chrome to edge.

To Reproduce
We have 2 web apps for the same service. Each configures slightly differently. When I tried first, it seemed to have done nothing and the website seem to be running from my localhost.

When I used the other web app. It is in the loop.

Logs
bridge-library-2020-10-08-00-04-45-21080.txt
bridge-mindarocli-2020-10-08-00-04-45-21080.txt

Environment Details
VS: Visual Studio version : 16.7.4

Operating System: Windows 10

Additional context
I see in the kubectl, there is a new pod of my service and that is in the crashloop state with the log below, similar to attached bridge log.

2020-10-08T00:15:47.1407283Z | RestorationJob | TRACE | Dependency: Kubernetes {"name":"Kubernetes","target":"GetV1DeploymentAsync","success":true,"duration":null,"properties":{}}
2020-10-08T00:15:47.1498787Z | RestorationJob | TRACE | Dependency: Kubernetes {"name":"Kubernetes","target":"ListPodsInNamespaceAsync","success":true,"duration":null,"properties":{}}
2020-10-08T00:15:47.1501398Z | RestorationJob | WARNG | Deployment default/smitest02-deployment has already been restored
2020-10-08T00:15:47.1505407Z | RestorationJob | TRACE | Event: RestorationJob-AgentPing {"eventName":"RestorationJob-AgentPing","properties":{"restorePerformed":"false","numFailedPings":"7","hasConnectedClients":"","result":"Failed"},"metrics":{"durationInMs":14.0}}

Is your feature request related to a problem? Please describe.
We are currently evaluating using B2K for several teams in our company. One of these teams is working with a Kubernetes cluster that uses an OIDC authprovider. Unfortunately it seems like the C# kubernetes client that is used by B2K does not support OIDC.

The error that we receive is "User: {userDetails.Name} does not have appropriate auth credentials in kubeconfig" which seems to originate here: https://github.com/kubernetes-client/csharp/blob/master/src/KubernetesClient/KubernetesClientConfiguration.ConfigFile.cs

Describe the solution you'd like
Ideally I'd like OIDC auth provider to be supported by Bridge To Kubernetes. More specifically I'd be interested in understanding if you have any plans for this at all at the current time. If not, would you consider supporting it, if it was supported by the C# client?

Describe alternatives you've considered
I don't think this is applicable.

Additional context
I'd be happy to provide more context including logs if that helps. Since these might contain PII I'd prefer to send them on a different channel than github.

Thank you for your time and consideration!

Hi,

I have an issue when I try to run Bridge to Kubernetes with isolation enabled. The BtK extension works great and set's up a clone of my Pod and all the services running in my "dev" namespace. It also sets up ingress clones with generated hostnames that point back to the original services running in my "dev" namespace.

The problem that I have is that I am using App Gateway Ingress Controller (AGIC) with hostname annotation, which redirects hostnames like 'my-app.example.com` to my internal backend service and when Bridge to Kubernetes creates ingress for redirection to existing pods in the "dev" namespace it doesn't work because of the AGIC annotation specifically expecting back the hostname 'my-app.example.com' in the ingress.yaml annotation: https://github.com/Azure/application-gateway-kubernetes-ingress/blob/master/docs/annotations.md#backend-hostname.

Since the BtK extension creates these generated names for ingress how would I handle that type of hostname redirection? I'm wondering if there is a better way to handle this that I'm not thinking about? Any help is appreciated. Great work on the extension BTW!

I'm not sure, and can't find this documented anywhere... Does Bridge to Kubernetes support windows nodes?

I am getting the following when trying to use with a windows container image.

Failed to pull image "bridgetokubernetes.azurecr.io/lpkrestorationjob:0.1.1": rpc error: code = Unknown desc = image operating system "linux" cannot be used on this platform

I can't seem to find anywhere to specify node placement?

VS 2019 (Version 16.7.5) is asking me to reneter my azure account credentials in infinite loop during initial configuration - subscription, etc.
I have access to multiple subscription and at least one of them has a running Kubernetes service.
What could be the issue here?

Describe the bug
When starting debugging using Bridge to Kubernetes on a service deployed as a StatefulSet, the session fails with the message

'Patch 'ns/service-0/service' to use
'mindora.azurecr.io/lpkremoteagent:0.1.4' faliled with error:
Operation returned an invalid status code
'UnprocessableEntity'

To Reproduce
Deploy a service as a StatefulSet and try to debug using Bridge to Kubernetes

Expected behavior
Debugging session should start

Logs
bridge-mindarocli-2020-09-29-10-24-14-39464.txt
bridge-library-2020-09-29-10-24-19-34496.txt
bridge-mindarocli-2020-09-29-10-24-19-34496.txt
bridge-library-2020-09-29-10-24-15-39464.txt

Environment Details
Client used Visual Studio:
VS: Visual Studio version --> 16.7.3
Client's version:
Operating System: Windows 10

Is your feature request related to a problem? Please describe.

Many environments will not have databases or other dependencies running on Kubernetes or exposed as Kubernetes Services at all. Bridge to Kubernetes does not proxy any traffic that's not linked to a Kubernetes Service.

Example scenario:

• A user creates a managed database using a service like AWS RDS. The user opts to use a private IP address for the new database (so it's not accessible over the public internet). Once the managed database has been created, the service gives the user an endpoint like database.laksdjflksadjflk.us-east-1.rds.amazonaws.com (or even the internal IP address itself like 10.1.2.3).
• User enters the endpoint of database.laksdjflksadjflk.us-east-1.rds.amazonaws.com into an environment variable that is used to configure what database endpoint the app tries to connect to.
• User attempts to launch a development version of their app using "Bridge to Kubernetes". The app crashes spectacularly when the DNS for database.laksdjflksadjflk.us-east-1.rds.amazonaws.com either doesn't resolve, or the app is unable to connect to the associated internal ip address.

Describe the solution you'd like

All outgoing application traffic, DNS lookups, etc. should be proxied to the Kubernetes cluster by Bridge to Kubernetes. This would let the application connect to non-Kubernetes services and endpoints within the Kubernetes cluster network with no additional configuration.

Describe alternatives you've considered

It's possible to work around this by manually creating a service on the cluster to proxy traffic to your database (or other service external to Kubernetes), and then overriding any env vars or configuration that would reference said database.

# create externalname service that points to the database
kubectl create service external-name db-proxy-service --external-name database.laksdjflksadjflk.us-east-1.rds.amazonaws.com

# add the following to KubernetesLocalProcessConfig.yaml -
# this will override an example "DBHOST" environment variable that's used by the app to connect to the database
version: 0.1
env:
  - name: DBHOST
    value: $(services:db-proxy-service:5432)

This workaround works, but requires two setup steps for every database or non-Kubernetes service, and ideally I'd like to have to not do any setup steps at all.

Describe the bug
I am trying to run the bridge on VSCode on my mac with a Go app that is deployed in a local cluster (k3d).
I had to create a service to the pod because the pod does not require one, it is an autonomous slack bot.
When launching the app I have the following error in the terminal

> Executing task: bridge-to-kubernetes.service <

Redirecting Kubernetes service botkube to your machine...
Current cluster: k3d-k3s-default
Current namespace: botkube
Target service name: botkube
Target service ports: 42530


Error: Oops... An unexpected error has occurred.
For diagnostic information, see logs at '/var/folders/xl/b6750v1n1jj0mk5cshtsx6yr0000gn/T/Bridge To Kubernetes'.

The terminal process terminated with exit code: 1.

Digging into the logs I have the following logs in the bridge-library-2020-10-29-17-54-35-58055.txt file.

2020-10-29T18:02:34.7148630Z | Library | TRACE | Event: KubernetesRemoteEnvironmentManager-GetReachableServices <json>{"properties":{"result":"Failed"},"metrics":{"durationInMs":113.0}}</json>\nOperation context: <json>{"clientRequestId":null,"correlationRequestId":null,"requestId":null,"userSubscriptionId":null,"startTime":"2020-10-29T18:02:34.3791980Z","userAgent":"VSCode/1.0.120201021","requestHttpMethod":null,"requestUri":null,"version":"1.0.20201021.18","requestHeaders":{},"loggingProperties":{"applicationName":"Library","deviceOperatingSystem":"Darwin 19.6.0 Darwin Kernel Version 19.6.0: Mon Aug 31 22:12:52 PDT 2020; root:xnu-6153.141.2~1/RELEASE_X86_64","framework":".NET Core 3.1.9","macAddressHash":"2442ea78560a87847acfad6c95c34961167425a202a59048528fe2d40d510c44","processId":58922,"targetEnvironment":"Production","isRoutingEnabled":false}}</json>
2020-10-29T18:02:34.7201280Z | Library | TRACE | Event: ConnectManagementClient-GetElevationRequests <json>{"properties":{"result":"Failed"},"metrics":{"durationInMs":137.0}}</json>
2020-10-29T18:02:34.7207530Z | Library | ERROR | Failed to get elevation requests.
2020-10-29T18:02:34.8762830Z | Library | ERROR | Logging handled exception: System.Net.Http.HttpRequestException: {"StackTrace":"   at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)\n   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean allowHttp2, CancellationToken cancellationToken)\n   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)\n   at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)\n   at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)\n   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)\n   at k8s.WatcherDelegatingHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)\n   at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)\n   at k8s.Kubernetes.ListNamespacedServiceWithHttpMessagesAsync(String namespaceParameter, Nullable`1 allowWatchBookmarks, String continueParameter, String fieldSelector, String labelSelector, Nullable`1 limit, String resourceVersion, Nullable`1 timeoutSeconds, Nullable`1 watch, String pretty, Dictionary`2 customHeaders, CancellationToken cancellationToken)\n   at k8s.KubernetesExtensions.ListNamespacedServiceAsync(IKubernetes operations, String namespaceParameter, Nullable`1 allowWatchBookmarks, String continueParameter, String fieldSelector, String labelSelector, Nullable`1 limit, String resourceVersion, Nullable`1 timeoutSeconds, Nullable`1 watch, String pretty, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Common.Kubernetes.KubernetesClient.<>c__DisplayClass30_0.<<ListServicesInNamespaceAsync>b__0>d.MoveNext()\n--- End of stack trace from previous location where exception was thrown ---\n   at Microsoft.DevSpaces.Common.Kubernetes.KubernetesClient.<>c__DisplayClass47_0`1.<<ClientInvokeWrapperAsync>b__0>d.MoveNext()\n--- End of stack trace from previous location where exception was thrown ---\n   at Microsoft.DevSpaces.Common.Utilities.WebUtilities.RetryUntilTimeAsync(Func`2 action, TimeSpan maxWaitTime, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Common.Kubernetes.KubernetesClient.ClientInvokeWrapperAsync[T](Func`1 handler, String operation, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Common.Kubernetes.KubernetesClient.ListServicesInNamespaceAsync(String namespaceName, IEnumerable`1 labels, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Library.Connect.KubernetesRemoteEnvironmentManager.GetReachableServicesAsync(RemoteContainerConnectionDetails remoteContainerConnectionDetails, ILocalProcessConfig localProcessConfig, IProgress`1 progress, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Library.ManagementClients.ConnectManagementClient.<>c__DisplayClass15_0.<<GetElevationRequestsAsync>b__0>d.MoveNext()\n--- End of stack trace from previous location where exception was thrown ---\n   at Microsoft.DevSpaces.Library.ManagementClients.DevSpacesManagementClientExceptionStrategy.RunWithHandlingAsync[T](Func`1 func, FailureConfig failureConfig)","Message":"IPv4 address 0.0.0.0 and IPv6 address ::0 are unspecified addresses that cannot be used as a target address. (Parameter 'hostName')","Data":{},"InnerException":{"ClassName":"System.ArgumentException","Message":"IPv4 address 0.0.0.0 and IPv6 address ::0 are unspecified addresses that cannot be used as a target address.","Data":null,"InnerException":null,"HelpURL":null,"StackTraceString":"   at System.Net.Dns.HostResolutionBeginHelper(String hostName, Boolean justReturnParsedIp, Boolean throwOnIIPAny, AsyncCallback requestCallback, Object state)\n   at System.Net.Dns.BeginGetHostAddresses(String hostNameOrAddress, AsyncCallback requestCallback, Object state)\n   at System.Net.Sockets.MultipleConnectAsync.StartConnectAsync(SocketAsyncEventArgs args, DnsEndPoint endPoint)\n   at System.Net.Sockets.Socket.ConnectAsync(SocketType socketType, ProtocolType protocolType, SocketAsyncEventArgs e)\n   at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)","RemoteStackTraceString":null,"RemoteStackIndex":0,"ExceptionMethod":null,"HResult":-2147024809,"Source":"System.Net.NameResolution","WatsonBuckets":null,"ParamName":"hostName"},"HelpLink":null,"Source":"System.Net.Http","HResult":-2147024809}

To Reproduce
install botkube with helm,
create a service because it does not come with one

apiVersion: v1
kind: Service
metadata:
 name: botkube
 labels:
   app: botkube
spec:
 type: ClusterIP
 ports:
 - name: "foo"
   port: 1234
 selector:
   app: botkube

create a config in VSCode with 0 port to forward and no isolation.
run the main.go "Launch with Kubernetes"

Expected behavior
A clear and concise description of what you expected to happen.

Logs
Attach logs from the following directory:
For Windows: %TEMP%/Bridge to Kubernetes
For OSX/Linux: $TMPDIR/Bridge to Kubernetes
this is the bridge-mindarocli.txt log

2020-10-29T18:02:34.3174350Z | MindaroCli | TRACE | Event: Command.Start <json>{"properties":{"arguments":"prep-connect --output json","isRoutingEnabled":"false"},"metrics":null}</json>\nOperation context: <json>{"clientRequestId":null,"correlationRequestId":null,"requestId":null,"userSubscriptionId":null,"startTime":"2020-10-29T18:02:33.8955560Z","userAgent":"VSCode/1.0.120201021","requestHttpMethod":null,"requestUri":null,"version":"1.0.20201021.18","requestHeaders":{},"loggingProperties":{"applicationName":"MindaroCli","deviceOperatingSystem":"Darwin 19.6.0 Darwin Kernel Version 19.6.0: Mon Aug 31 22:12:52 PDT 2020; root:xnu-6153.141.2~1/RELEASE_X86_64","framework":".NET Core 3.1.9","macAddressHash":"2442ea78560a87847acfad6c95c34961167425a202a59048528fe2d40d510c44","processId":58922,"targetEnvironment":"Production","commandId":"f3fe95c1-a685-447f-98ac-a0076cd68b2f"}}</json>
2020-10-29T18:02:34.8906600Z | MindaroCli | ERROR | Dependency: Prep Connect <json>{"target":null,"success":false,"duration":null,"properties":{"requestId":"null","clientRequestId":"null","correlationRequestId":"null"}}</json>
2020-10-29T18:02:34.8980190Z | MindaroCli | ERROR | Oops... An unexpected error has occurred.\n
2020-10-29T18:02:34.8990740Z | MindaroCli | ERROR | For diagnostic information, see logs at '/var/folders/xl/b6750v1n1jj0mk5cshtsx6yr0000gn/T/Bridge To Kubernetes'.\n
2020-10-29T18:02:34.9134100Z | MindaroCli | ERROR | Logging handled exception: System.Net.Http.HttpRequestException: {"StackTrace":"   at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)\n   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean allowHttp2, CancellationToken cancellationToken)\n   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)\n   at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)\n   at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)\n   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)\n   at k8s.WatcherDelegatingHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)\n   at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)\n   at k8s.Kubernetes.ListNamespacedServiceWithHttpMessagesAsync(String namespaceParameter, Nullable`1 allowWatchBookmarks, String continueParameter, String fieldSelector, String labelSelector, Nullable`1 limit, String resourceVersion, Nullable`1 timeoutSeconds, Nullable`1 watch, String pretty, Dictionary`2 customHeaders, CancellationToken cancellationToken)\n   at k8s.KubernetesExtensions.ListNamespacedServiceAsync(IKubernetes operations, String namespaceParameter, Nullable`1 allowWatchBookmarks, String continueParameter, String fieldSelector, String labelSelector, Nullable`1 limit, String resourceVersion, Nullable`1 timeoutSeconds, Nullable`1 watch, String pretty, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Common.Kubernetes.KubernetesClient.<>c__DisplayClass30_0.<<ListServicesInNamespaceAsync>b__0>d.MoveNext()\n--- End of stack trace from previous location where exception was thrown ---\n   at Microsoft.DevSpaces.Common.Kubernetes.KubernetesClient.<>c__DisplayClass47_0`1.<<ClientInvokeWrapperAsync>b__0>d.MoveNext()\n--- End of stack trace from previous location where exception was thrown ---\n   at Microsoft.DevSpaces.Common.Utilities.WebUtilities.RetryUntilTimeAsync(Func`2 action, TimeSpan maxWaitTime, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Common.Kubernetes.KubernetesClient.ClientInvokeWrapperAsync[T](Func`1 handler, String operation, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Common.Kubernetes.KubernetesClient.ListServicesInNamespaceAsync(String namespaceName, IEnumerable`1 labels, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Library.Connect.KubernetesRemoteEnvironmentManager.GetReachableServicesAsync(RemoteContainerConnectionDetails remoteContainerConnectionDetails, ILocalProcessConfig localProcessConfig, IProgress`1 progress, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Library.ManagementClients.ConnectManagementClient.<>c__DisplayClass15_0.<<GetElevationRequestsAsync>b__0>d.MoveNext()\n--- End of stack trace from previous location where exception was thrown ---\n   at Microsoft.DevSpaces.Library.ManagementClients.DevSpacesManagementClientExceptionStrategy.RunWithHandlingAsync[T](Func`1 func, FailureConfig failureConfig)\n   at Microsoft.DevSpaces.Library.ManagementClients.ConnectManagementClient.GetElevationRequestsAsync(IProgress`1 progress, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Exe.Commands.Connect.PrepConnectCommand.ExecuteAsync()\n   at Microsoft.DevSpaces.Exe.DevSpacesCliApp.RunCommandAsync(String[] args, CancellationToken cancellationToken)\n   at Microsoft.DevSpaces.Exe.DevSpacesCliApp.ExecuteAsync(String[] args, CancellationToken cancellationToken)","Message":"IPv4 address 0.0.0.0 and IPv6 address ::0 are unspecified addresses that cannot be used as a target address. (Parameter 'hostName')","Data":{},"InnerException":{"ClassName":"System.ArgumentException","Message":"IPv4 address 0.0.0.0 and IPv6 address ::0 are unspecified addresses that cannot be used as a target address.","Data":null,"InnerException":null,"HelpURL":null,"StackTraceString":"   at System.Net.Dns.HostResolutionBeginHelper(String hostName, Boolean justReturnParsedIp, Boolean throwOnIIPAny, AsyncCallback requestCallback, Object state)\n   at System.Net.Dns.BeginGetHostAddresses(String hostNameOrAddress, AsyncCallback requestCallback, Object state)\n   at System.Net.Sockets.MultipleConnectAsync.StartConnectAsync(SocketAsyncEventArgs args, DnsEndPoint endPoint)\n   at System.Net.Sockets.Socket.ConnectAsync(SocketType socketType, ProtocolType protocolType, SocketAsyncEventArgs e)\n   at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)","RemoteStackTraceString":null,"RemoteStackIndex":0,"ExceptionMethod":null,"HResult":-2147024809,"Source":"System.Net.NameResolution","WatsonBuckets":null,"ParamName":"hostName"},"HelpLink":null,"Source":"System.Net.Http","HResult":-2147024809}
2020-10-29T18:02:34.9147990Z | MindaroCli | TRACE | Event: Command.End <json>{"properties":{"arguments":"prep-connect --output json","result":"Failed"},"metrics":{"duration":672.0}}</json>

Environment Details
Client used (VS Code):

code --version
1.50.1
d2e414d9e4239a252d1ab117bd7067f125afd80a
x64

[email protected]
Client's version:
Operating System: OSX 10.15.7

Additional context
Add any other outputs from the clients or context you would like to share.

Not all of our developers have admin access to our Azure subscriptions. What level of access do they need to use Bridge to Kubernetes?

Describe the bug

Error: Failed to establish a connection. Error: Failed to identify the container to use in pod 'platform-7695c6fbbd-d8qgf' from the container port information in the pod spec. If there are multiple containers in the pod, specify the container name and retry.

To Reproduce
Try to use a container with multiple pods.

Expected behavior
Well, we could provide a config flag in tasks.json something like
"pod or "pod-name" to identify the correct pod and connect to it.

Logs
Attach logs from the following directory:
bridge-library-2020-09-22-12-37-26-68633.txt
bridge-library-2020-09-22-12-37-30-68833.txt
bridge-mindarocli-2020-09-22-12-37-26-68633.txt
bridge-mindarocli-2020-09-22-12-37-29-68833.txt

Environment Details
Client used (VS Code/Visual Studio):

Client's version: v1.0.120200919
Operating System: Ubuntu 20.04.1

Not using AKS, but a self hosted Kubernetes + a Rancher is also there :D

Additional context
Add any other outputs from the clients or context you would like to share.

Describe the bug
When using https and isolation mode traffic is not routed to the local service being debugged

To Reproduce
Set your ingress to use https and config B2K to use isolation mode

Any idea how far out this is? Also, could I open 2 copies of VSCode and debug a different service in each one at the same time?

Describe the bug
The extension changes the .kube/config auth-provider configuration when you launch VSCode with the extension enabled. This causes a kubectl command from a terminal to require a devicelogin for every usage. The extension appears to be removing "environment: AzurePublicCloud" from the yaml (users:name:auth-provider:config:environment value)

To Reproduce

1. Launch VSCode and enable LPK extension.
2. Close all VSCode instances.
3. Delete .kube folder from user profile so starting from a clean environment.
4. az aks get-credentials -g <cluster-resource-group> -n <cluster-name> to get new kube config.
5. Open User Profile .kube/config file in editor and note the "environment" variable exists. Save this property for later. Close editor.
6. Confirm repeated kubectl commands work with only the first requiring a device login.
7. Launch VScode.
8. Open .kube/config file in editor once again and note the "environment" variable no longer exists.
9. Repeated kubectl commands now require a device login on every attempt.
10. Close VSCode.
11. Open .kube/config file in editor again and paste the "environment" variable (from step 5) back into its previous place in the config.
12. Repeat step 6 to confirm working behaviour once again.

Expected behavior
The extension should not alter the .kube/config file

Environment Details
Client used (CLI/VS Code/Visual Studio):
VS Code: 1.47.3
LPK Extension: 0.1.120200803

Operating System:
Windows 10 V2004

Hi @greenie-msft and all team,

When can we start using it for other clusters(without aks) and also when will it be released Bridge-To-Kubernetes for other clusters?
Note Although this quickstart works with Azure Kubernetes Service (AKS), you can also try Bridge to Kubernetes with other Kubernetes clusters. Support for other clusters is in preview.

I tried using it for preview for the on-premises kubernetes cluster, but I got an error like the following. What is the reason?

Debugging with Bridge to Kubernetes requires administrator permissions to:

• Update your machine's hosts file to match your Kubernetes cluster environment.

Once your cluster environment is replicated, all processes on your machine will be able to access it.

after saying continue...

[Window Title]
Visual Studio Code
The preLaunchTask 'bridge-to-kubernetes.compound' terminated with exit code 1.
Remember my choice in user settings [Debug Anyway] [Show Errors] [Abort]

Env. Details;
Windows 10 Pro - Visual Studio Code v1.49.3 - Bridge to Kubernetes v1.0.120200926

Thank you..

Describe the bug
I have installed Kubernetes extension and now want to try to experience local development by installing Local Process with Kubernetes. After installation, open VSCode again, VSCode will hang if open Kubernetes Tab.

To Reproduce

• Install K8S Extension
• Install Local Process with Kubernetes
• Reopen VS Code again & switch to Kubernetes Tab
• Hang there

Expected behavior
Hope to see something working with new extension.

Logs
Attach logs from the following directory:
For Windows: %TEMP%/Local Process with Kubernetes
For OSX/Linux: $TMPDIR/Local Process with Kubernetes

I'm using VS Code remote via SSH to an Ubuntu machine, don't know how to get this log.

Environment Details
Client used (VS Code/Visual Studio):

Client's version:
Operating System: Ubuntu 18.04

Additional context
Add any other outputs from the clients or context you would like to share.

Feature

In Azure DevSpaces, we can customize the domain generation for spaces. For example:

myorg.$(spacePrefix)$(rootSpacePrefix)spaces.testuri.org

Currently, Bridge to Kubernetes requires the first sub-domain in the full domain name as the space name. This doesn't work for our uses cases, since our first sub-domain is an organization URL token we use to access the correct organization database.

Suggested Solution

Add a domain template configuration with a token place holder for the machine or space name:

myorg.$(spacePrefix).spaces.testuri.org

Alternatives

The only alternative at this point would be for us to change how we process domains, but having the first sub-domain be an organization-specific token is common in the industry.

Additional context

This currently works for us in DevSpaces, but is not yet supported in Bridge to Kubernetes. We are trying to convert over when it is supported.

We are running a service on our cluster with a port of 80 and a targetPort of 3000. I have configured B2K to point at this service and use local port 3000. No matter what I do, it just does not seem to work, I get time outs, but no console errors or anything else like it.

Is this something you are aware of, or am I just doing something wrong 😛

I'm running VSCode with a next.js app

I've noticed that tasks.json is updated with an isolateAs property when you run Bridge to Kubernetes: Configure.
Should we be adding tasks.json to .gitignore and have each user run the configure step to make everyone uses a unique value for this setting?

This seems like a great tool with lots of increased productivity potential with more polish & stabilization.
So far I'm just running into a few minor annoyance issues.

Describe the bug
I seem to quite frequently get into a state where the bridge connection fails to work

To Reproduce

1. Use VS code to launch a local app that replaces a Kubernetes service (Currently running Kubernetes locally on Docker Desktop Windows)
2. After exiting, use the option to keep the connection open between launches to reduce launch time
3. After some time like hours (seems like usually more often with machine lock/unlock), launching the local app stops correctly connecting to things inside Kubernetes
4. Disconnecting & reconnecting bridge keeps giving error and fails to re-establish bridge
5. Deleting the Kubernetes service that's being replaced by the bridge, re-creating it, and re-establishing bridge connection seems to make it work again

Expected behavior
Automatic graceful recovery of connection whenever possible

Environment Details
Client used (VS Code/Visual Studio): VS Code
Client's version: [email protected]
Operating System: Microsoft Windows [Version 10.0.19041.508]

Describe the bug
Recently we got K8s integrated with AAD authentication with our organization, which does utilize two-factor authentication. We followed the work around instructions to get by and at first this worked just fine. However the next day I'm seeing a vague error now. "The process has exited."

I'm able to use kubectl in windows cmd prompt/powershell against the .kubeconfig from Bridge's config.

This is a big blocker for our team. At this point I can't debug anything!

To Reproduce
I setup LPK using normal procedures, except I had to establish the work around for AAD to get by two-factor authentication. Local kubectl against the LPK .kubeconfig works fine. I setup LPK config as shown below and clicked the debug button.

Expected behavior
Debugging starts

Logs
Attach logs from the following directory:
For Windows: %TEMP%/Bridge to Kubernetes
bridge-endpointmanager-2020-10-16-15-25-12-29604.txt
bridge-library-2020-10-16-15-25-11-34228.txt
bridge-mindarocli-2020-10-16-15-25-10-34228.txt

For OSX/Linux: $TMPDIR/Bridge to Kubernetes

Environment Details
Client used (VS Code/Visual Studio):
VS: 16.7.6
Client's version: 0.1
Operating System: Version 10.0.19041 Build 19041

Is your feature request related to a problem? Please describe.
While we are only planning to use Bridge-To-Kubernetes on our DEV cluster, we still like to make sure that we give everyone involved only the minimal necessary rights. In order to do that we'd like to know what the minimum rights needed to use Bridge-To-Kubernetes are.

Describe the solution you'd like
I'd love to have a simple role.yaml file that includes the minimum rights needed to use Bridge-To-Kubernetes as a developer.

Describe alternatives you've considered
I'm unsure if there is another more straight forward way to do this.

Additional context
Necessary rights I have identified so far:
CREATE role
CREATE rolebinding
CREATE service
CREATE deployment
CREATE service-account

If there are other best practices to consider when using Bridge-To-Kubernetes I'd highly appreciate having them documented somewhere as well :)

Thank you for considering my request!

Describe the bug
According to https://docs.microsoft.com/en-us/visualstudio/containers/overview-bridge-to-kubernetes?view=vs-2019#diagnostics-and-logging my ingress should be duplicated and there should be annotations on the duplicated services routing.visualstudio.io/route-on-header neither of these is being generated. I'm also unsure as to what DNS name I should be using to access the cluster for the routing to happen

To Reproduce
I followed the steps as outlined on the web site

Cannot launch Local Process with Kubernetes from VSCode.

To Reproduce

1. Install Local Process with Kubernetes extension in VSCode.
2. Connect remote cluster and set appropriate namespace.
3. Launch Local Process with Kubernetes from debug.
4. Setup values when prompted.
5. Click continue on prompt: "We need to update your hosts file to match your cluster's environment. Administrator permissions are required for this action."
6. Receive the following error:

Failed to establish a connection. Error: Failed to deploy remote restore job for pod deployment 'demo/**** with error: Operation returned an invalid status code 'UnprocessableEntity'
Failed to deploy remote restore job for pod deployment 'demo/****' with error: Operation returned an invalid status code 'UnprocessableEntity'

Expected behavior

Local code is mounted and run in debug mode.

Logs

lpk-library-2020-09-18-18-54-50-39828.txt
lpk-mindarocli-2020-09-18-18-54-50-39828.txt
lpk-library-2020-09-18-18-53-50-21796.txt
lpk-mindarocli-2020-09-18-18-53-50-21796.txt

Environment Details
Client used (VS Code/Visual Studio): 1.49.1
Client's version: [email protected]
Operating System: Windows 10 Home

Additional context
The prompt asking for permission to update the Hosts file never creates a windows authorization prompt and my hosts file is never updated.

I don't see a way to setup isolation in Visual Studio.

In VS Code the extension handles the isolation correctly but this is not working in the "regular" Visual Studio.

Describe the bug
When launching long/debuggable requests from frontend to backend(running bridge to kubernetes), these requests go suddenly in timeout and looking at network in chrome devtool i see a 504 status code.

I run the api behind a nginx ingress with this settings:
nginx.ingress.kubernetes.io/proxy-read-timeout: "14400"
nginx.ingress.kubernetes.io/proxy-send-timeout: "14400"
nginx.ingress.kubernetes.io/proxy-connect-timeout: "14400"
If you need any log i'm available to send it
The issue appears in both vscode and visual studio
Thanks very much

To Reproduce
Launching a long request and waiting for the results without errors

Expected behavior
No timeout error

Logs
bridge-library-2020-10-16-18-53-25-54202.txt
bridge-endpointmanager-2020-10-16-18-53-32-54212.txt

Environment Details
Client used (VS Code/Visual Studio):
Latest version of extensions both vscode and vsstudio
Client's version: Mac and Windows

Describe the bug
When trying to create a profile for Bridge to Kubernetes, and error is shown while loading namespaces.

To Reproduce
Steps to follow to reproduce this issue.

1. Open an existing project
2. Attempt to run Bridge to Kubernetes
3. Select the subscription and kubernetes cluster.

Expected behavior
I would expect namespaces to be loaded correctly.

Logs
Attach logs from the following directory:
For Windows: %TEMP%/Bridge to Kubernetes
For OSX/Linux: $TMPDIR/Bridge to Kubernetes

bridge-library-2020-10-16-20-31-27-40604.txt
bridge-mindarocli-2020-10-16-20-31-27-40604.txt

Environment Details
Client used (VS Code/Visual Studio): Visual Studio 2019 16.7.4

Client's version: 1.2.20201009.2
Operating System: Windows 10

Additional context
I am able to run kubectl commands and have an authenticated session with Azure AD.

Is your feature request related to a problem? Please describe.
We are currently exploring Bridge To Kubernetes for our dev team which are both Mac and Windows users.
Mac users are having a blast as everything is working out of the box.
On Windows we do have an enterprise policy which is being enforced and reserves port 80 for a Windows 10 Service (BranchCache). Since Bridge-To-Kubernetes currently requires access to port 80 to work on Windows this is blocking us from adopting the technology for our team (Mac doesn't seem to have this limitation).

Describe the solution you'd like
We'd like to have the requirement lifted to have port 80 available on Windows.

Describe alternatives you've considered
The possibility to configure an alternative port that is used instead of port 80 would be great as well.
We would also be willing to live with workarounds for now.

Thank you for considering our request!

Describe the bug
I cannot delete a folder I opened and worked with in VS Code because kubectl has an handle on. kubectl process lingers on after I close VS Code and each time I do this, the number of kubectl processes running increases. It seems kubectl process is being left over. I am using Windows 10.

Note that if I disable this extension, there is no kubectl process, no handle, and no problem.

To Reproduce
Steps to follow to reproduce this issue.

1. Create a folder someplace.
2. Open VS Code
3. Open the folder
4. Close VS Code
5. Try to delete the folder. You should get a message saying the action cannot be performed because the folder is in use.

Expected behavior
First, there should not be any process lingering and I should be able to delete the folder I was working. Second, why is kubectl process being launched eagerly when clearly what I am doing has nothing to do with Kubernetes.

Environment Details
Version: 1.51.0-insider (user setup)
Commit: 2ee8b8c645ec8ab54304bacae7aa979c1d9c647a
Date: 2020-10-29T06:01:21.160Z
Electron: 9.3.3
Chrome: 83.0.4103.122
Node.js: 12.14.1
V8: 8.3.110.13-electron.0
OS: Windows_NT x64 10.0.19042

Thanks.

Feature request.

If not already in place, can B2K support managed identity? I am running it on a cluster that uses it, and my applications just fail as it can't seem to used MI. I may just be missing something.

Issue 1: Maximum number of retries exceeded

Some of the time, getting dependencies for Bridge to Kubernetes in VS Code may fail with this error.

If the issue reproduces consistently after hitting the retry button, a manual workaround is the best way to proceed.

The workaround

1. Visit one of the below links in a browser (choose based on your platform):
   https://bridgetokubernetes.blob.core.windows.net/zip/lks/lpk-win.zip
   https://bridgetokubernetes.blob.core.windows.net/zip/lks/lpk-osx.zip
   https://bridgetokubernetes.blob.core.windows.net/zip/lks/lpk-linux.zip
   This will prompt the download of a .zip file.
2. Unzip the file and move the contents to the Visual Studio Code extension storage folder. You may need to create the directory if it does not exist.
   On Windows: %UserProfile%\AppData\Roaming\Code\User\globalStorage\mindaro.mindaro\file-downloader-downloads\binaries
   On MacOS: "/Users/your_username/Library/Application Support/Code/User/globalStorage/mindaro.mindaro/file-downloader-downloads/binaries"
   On Linux: /home/your_username/.config/Code/User/globalStorage/mindaro.mindaro/file-downloader-downloads/binaries
3. To check that the hierarchy is correct, you should now see folders called "kubectl" and "EndpointManager" along with several other files side-by-side under the /binaries/ directory.
4. IMPORTANT: If you are on Linux or Mac, you need to run: sudo chmod +x on dsc, kubectl/your_platform/kubectl and EndpointManager/EndpointManager.
5. Open VS Code again. The extension should now be able to find and execute its dependencies.

Long-term
We are currently at work trying to understand why this error happens and to improve the experience! Thank you for your patience.

Issue 2: EACCESS error

If you are on Linux, you might run into this issue:

The workaround

1. From a terminal, navigate to /home/your_username/.config/Code/User/globalStorage/mindaro.mindaro/file-downloader-downloads/binaries
2. Run: sudo chmod +x on dsc, kubectl/linux/kubectl and EndpointManager/EndpointManager.
3. Open VS Code again. The extension should now be able to find and execute its dependencies.

Long-term
This issue will be fixed in our next release -- stay tuned.