Troubleshoot user login issues | GKE Enterprise

English
Deutsch
Español – América Latina
Français
Italiano
Português – Brasil
中文 – 简体
日本語
한국어

This document provides troubleshooting guidance for FQDN user login issues in GKE Identity Service.

Client can't reach GKE Identity Service

This issue occurs in one of the following cases:

You're using a GKE version that doesn't support this user login method.
The control plane VIP doesn't route the traffic to GKE Identity Service.

Error message

  Error: could not start login. Please check if cluster supports server side authentication. Details: failed to ping well-known endpoint: Get "https://cluster-url:XXXXX/.well-known/configuration": dial tcp XXX:XXXXX: connect: connection refused
   ERROR: Configuring Anthos authentication failed

Solution

To resolve this issue, verify that you're using a GKE version of 1.28 or higher and the version of the control plane that supports authentication using FQDN access.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2024-06-12 UTC.