Pending message exposed externalApi

12/11/2018

Name:ingress-nginx Type:LoadBalancer InternalIP:10.108.240.88 ExternalIP:pending

PORT(s):80:30191/TCP,443:30616/TCP 21h

Yaml file:

apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx
  namespace: ingress-nginx
spec:
  externalTrafficPolicy: Local
  type: LoadBalancer
  loadBalancerIP: 172.18.3.11
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
    name: http
  - port: 443
    targetPort: 443
    protocol: TCP
    name: https

  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx

I use docker 18.06,kubernete 1.13 to propose test on private organization with exp ip range 172.18.3.9-20

Flannel Log: kubectl logs --namespace kube-system kube-flannel-ds-amd64-ms94w -c kube-flannel

Result:

Failed to list *v1.Node: Get https://10.96.0.1:443/api/v1/nodes?resourceVersion=0: dial tcp 10.96.0.1:443: getsockopt: connection refused E1211 11:48:43.238318 1 reflector.go:201] github.com/coreos/flannel/subnet/kube/kube.go:295: Failed to list *v1.Node: Get https://10.96.0.1:443/api/v1/nodes?resourceVersion=0: net/http: TLS handshake timeout

Used kubeadm init:

kubeadm init --pod-network-cidr 10.255.0.0/16 --service-cidr 10.244.0.0/16 --service-dns-domain "k8s" --apiserver-advertise-address 172.18.3.9

Dashboard kubernete shows every thing(pods,ingress,replicateSets,private docker registery container) Ok except this service!

-- Arman Riazi
aws-load-balancer
flannel
internal-load-balancer
kubernetes
nginx-ingress

1 Answer

12/12/2018

You must clarify pods status to ensure all pods are running and there aren't any errors such as ImagePullBackOff :

kubectl get pods -o wide
kubectl get pods -o json
kubectl get pods -o wide | grep nginx | awk '{print $6}' | xargs kubectl get node -o json | grep ExternalIP -A 2

If you are using kubeadm then probably you have a master node and some workers. So when you deploy apps using kubectl apply or kubectl create or any other ways, you must use a VPN in you worker nodes. It's because of blocking the website which trying to pull from it.

-- Majid Rajabi
Source: StackOverflow