Problem connecting router to controller in Kubernetes - "server gave HTTP response to HTTPS client"

Hi everyone,

I'm trying to deploy OpenZiti in Kubernetes by following the OpenZiti Kubernetes Quickstart guide. Everything seems to work well when I use the CLI to access the controller. Both the controller and the router are in the same namespace.

When I deploy the router, I get the following error in the logs:

{"file":"github.com/openziti/ziti/router/configedge.go:325","func":"github.com/openziti/ziti/router.parseEdgeListenerOptions","level":"info","msg":"advertised port [0] in [listeners[443].options.advertise] does not match the listening port [0] in [listeners[3022].address].","time":"2025-05-14T16:19:05.721Z"}
{"cause":"token is unverifiable: error while executing keyfunc: could not retrieve token URL certificate: could not contact remote server [https://controller.ziti.naas.com:443]: Get \"https://controller.ziti.naas.com:443\": dial tcp: lookup controller.ziti.naas.com on 10.43.0.10:53: no such host","file":"github.com/openziti/ziti/router/enroll/enroll.go:77","func":"github.com/openziti/ziti/router/enroll.(*RestEnroller).Enroll","level":"fatal","msg":"failed to parse JWT","time":"2025-05-14T16:19:06.209Z"}

Any ideas on what could be causing this or how to resolve it?

Thanks in advance!

Welcome, @Yorny2101

The router pod failed to resolve the controller's address in DNS, e.g., controller.ziti.naas.com.

Thanks a lot for the help!

I was finally able to resolve the issue using the following command:

kubectl patch deployment ziti-router -n ziti-controller --type merge --patch '
spec:
  template:
    spec:
      hostAliases:
        - ip: "192.168.20.15"
          hostnames:
            - "controller.ziti.naas.com"
'

I had tried configuring it through CoreDNS and /etc/hosts, but neither of those worked in my case.