K
Q

Kubernetes, Cannot access exposed services

6/12/2018

Kubernetes version: v1.10.3

Docker version: 17.03.2-ce

Operating system and kernel: Centos 7

Steps to Reproduce: https://kubernetes.io/docs/tasks/access-application-cluster/service-access-application-cluster/

Results:

[root@rd07 rd]# kubectl describe services example-service

Name: example-service
Namespace: default
Labels: run=load-balancer-example
Annotations:
Selector: run=load-balancer-example
Type: NodePort
IP: 10.108.214.162
Port: 9090/TCP
TargetPort: 9090/TCP
NodePort: 31105/TCP
Endpoints: 192.168.1.23:9090,192.168.1.24:9090
Session Affinity: None
External Traffic Policy: Cluster
Events:

Expected:

Expect to be able to curl the cluster ip defined in the kubernetes service

I'm not exactly sure which is the so called "public-node-ip", so I tried every related ip address, only when using the master ip as the "public-node-ip" it shows "No route to host".

I used "netstat" to check if the endpoint is listened.

I tried "https://github.com/rancher/rancher/issues/6139" to flush my iptables, and it was not working at all.

I tried "https://kubernetes.io/docs/tasks/debug-application-cluster/debug-service/", "nslookup hostnames.default" is not working.

The services seems working perfectly fine, but the services still cannot be accessed.

I'm using "calico" and the "flannel" was also tried.

I tried so many tutorials of apply services, they all cannot be accessed.

I'm new to kubernetes, plz if anyone could help me.

-- Yiliu
kubernetes

Similar Questions

How to verify Kubernetes service account token (JWT)
Will storageClass kubernetes.io/no-provisioner work for multi-node cluster?
Pull images from gcr when tag name of the image is constantly changing
Whitelist "kube-system" namespace using NetworkPolicy
Cannot create ACI for new AKS cluster connected to existing on-prem Vnet
How to add condition to test http request using httptest in golang
ConfigMaps Not Found while Deploying an Application to Kubernetes Cluster

2 Answers

6/13/2018

My k8s cluster is 1 master and 1 node.
The service pod is running on the node.
So I used http://nodeip:31105, it shows "Hello Kubernetes!".
But http://masterip:31105 still not working, is it suppose to be right?
I checked the endpoint listen, 31105 is listened on master.

-- Yiliu
Source: StackOverflow
6/12/2018

If you are on any public cloud you are not supposed to get public ip address at ip a command. But even though the port will be exposed to 0.0.0.0:31105

Here is the sample file you can verify for your configuration:

apiVersion: v1
kind: Service
metadata:
  labels:
    k8s-app: app-name
  name: bss
  namespace: default
spec:
  externalIPs:
  - 172.16.2.2
  - 172.16.2.3
  - 172.16.2.4
  externalTrafficPolicy: Cluster
  ports:
  - port: 9090
    protocol: TCP
    targetPort: 9090
  selector:
    k8s-app: bss
  sessionAffinity: ClientIP
  type: LoadBalancer
status:
  loadBalancer: {}

Just replace your <private-ip> at externalIPs: and do curl your public ip with your node port.

If you are using any cloud to deploy application, Also verify configuration from cloud security groups/firewall for opening port.

Hope this may help.

Thank you!

-- chintan thakar
Source: StackOverflow