K
Q

Cannot access a Kubernetes postgresql service from the outside

3/2/2016

I'm using Docker 1.10.1 and Kubernetes 1.0.1 on a local bare metal computer with Ubuntu 14.04, and I'm still new on this. That computer is the Kubernetes master as well as the node I'm using to make tests (I'm currently making a proof of concept). I created a couple of containers (1 nginx and 1 postgresql 9.2) to play with them.

I created the service and pod definitions for the postgresql container as follows:

----- app-postgres-svc.yaml

apiVersion: v1
kind: Service
metadata:
  labels:
    name: AppPostgres
  name: app-postgres
spec:
  ports:
    - port: 5432
  selector:
    app: AppPostgresPod
  type: NodePort
  clusterIP: 192.168.3.105

----- app-postgres-pod.yaml

apiVersion: v1
kind: ReplicationController
metadata:
  name: app-postgres-pod
spec:
  replicas: 1
  selector:
    app: AppPostgresPod
  template:
    metadata:
      name: app-postgres-pod
      labels:
        app: AppPostgresPod
    spec:
      containers:
      - name: app-postgres-pod
        image: localhost:5000/app_postgres
        ports:
        - containerPort: 5432

I also installed HAProxy in order to redirect the requests to ports 80 and 5432 to their corresponding Kubernetes service. The following is the HAProxy definition of the frontend and backend for the postgresql redirection:

frontend postgres
        bind *:5432
        mode tcp
        option tcplog        
        default_backend postgres-kubernetes

backend postgres-kubernetes
        mode tcp
        balance roundrobin
        option pgsql-check
        server postgres-01 192.168.3.105:5432 check

After I start the kubernetes cluster, services and pods, I first tried hitting the nginx site from the outside and it works like a charm. But, when I try to connect to the postgresql service from the outside I get the following error:

Error connecting to the server: server closed the connection unexpectedly
This probably means the server terminated abnormally before or while processing the request.

And if I look at the log, there are too many of these messages:

LOG:  incomplete startup packet
LOG:  incomplete startup packet
...

This is the command I use to try to connect from the outside (from another computer on the same LAN):

psql -h 192.168.0.100 -p 5432 -U myuser mydb

I also tried using pgAdmin and the same error was displayed.

Note: if I try to connect to the postgres service from the docker/kubernetes host itself, I can connect without any problems:

psql -h 192.168.3.105 -p 5432 -U myuser mydb

So it seems like the Kubernetes portion is working fine.

What might be wrong?

EDIT: including the details of the LAN computers involved in the proof of concept, as well as the kubernetes definitions for the nginx stuff and the entries on haproxy configuration. So the issue happens when I try to connect from my laptop to the postgres service on the docker/kubernetes box (I thought HAProxy would redirect the request that arrives to the docker/kubernetes box at port 5432 to the kubernetes postgres service)

----- LAN Network
My Laptop: 192.168.0.5
HAProxy/Docker/Kubernetes box: 192.168.0.100
   |
   ---> Kubernetes Nginx Service: 192.168.3.104
           |
           --->  Nginx Pod: 172.16.4.5
   |
   ---> Kubernetes Postgres Service: 192.168.3.105
           |
           ---> Postgres Pod: 172.16.4.9

----- app-nginx-svc.yaml

apiVersion: v1
kind: Service
metadata:
  labels:
    name: AppNginx
  name: app-nginx
spec:
  ports:
    - port: 80
  selector:
    app: AppNginxPod
  type: NodePort
  clusterIP: 192.168.3.104

----- app-nginx-pod-yaml

apiVersion: v1
kind: ReplicationController
metadata:
  name: app-nginx-pod
spec:
  replicas: 2
  selector:
    app: AppNginxPod
  template:
    metadata:
      name: app-nginx-pod
      labels:
        app: AppNginxPod
    spec:
      containers:
      - name: app-nginx-pod
        image: localhost:5000/app_nginx
        ports:
        - containerPort: 80

----- haproxy entries on /etc/haproxy/haproxy.cfg

frontend nginx
        bind *:80
        mode http
        default_backend nginx-kubernetes

backend nginx-kubernetes
        mode http
        balance roundrobin
        option forwardfor
        option http-server-close
        http-request set-header X-Forwarded-Port %[dst_port]
        http-request add-header X-Forwarded-Proto https if { ssl_fc }
        server nginx-01 192.168.3.104:80 check

SOLUTION: I had to specify the user parameter in the pgsql-check line of the HAProxy configuration. After that, I was able to connect without any problems. Went back and removed the user parameter just to verify that the error was back, and it was. So, definitely, the problem was caused by the absence of the user parameter in the pgsql-check line.

-- Roland Pish
docker
haproxy
kubernetes
postgresql
ubuntu

Similar Questions

openshift pod fails and restarts frequently
Cannot ping ClusterIP from inside the pod and DNS is not working for external domains like google.com
Can we control the k8s node run container members?
Modelling Kubernetes Custom Types Resources

0 Answers