K
Q

Unable to access exposed port on kubernetes

1/10/2019

I have build a custom tcserver image exposing port 80 8080 and 8443. Basically you have an apache and inside the configuration you have a proxy pass to forward it to the tcserver tomcat. 

EXPOSE 80 8080 8443

After that I created a kubernetes yaml to build the pod exposing only port 80.

apiVersion: v1
kind: Pod
metadata:
  name: tcserver
  namespace: default
spec:
  containers:
  - name: tcserver
    image: tcserver-test:v1
    imagePullPolicy: IfNotPresent
    ports:
    - containerPort: 80

And the service along with it.

apiVersion: v1
kind: Service
metadata:
  name: tcserver-svc
  labels:
    app: tcserver
spec:
  type: NodePort
  ports:
  - port: 80
    nodePort: 30080
  selector:
    app: tcserver

But the problem is that I'm unable to access it.
If I log to the pod (kubectl exec -it tcserver -- /bin/bash), I'm able to do a curl -k -v http://localhost and it will reply.

I believe I'm doing something wrong with the service, but I don't know what.
Any help will be appreciated.

SVC change
As suggested by sfgroups, I added the targetPort: 80 to the svc, but still not working.

When I try to curl the IP, I get a No route to host

[root@testmaster tcserver]# curl -k -v http://172.30.62.162:30080/
* About to connect() to 172.30.62.162 port 30080 (#0)
*   Trying 172.30.62.162...
* No route to host
* Failed connect to 172.30.62.162:30080; No route to host
* Closing connection 0
curl: (7) Failed connect to 172.30.62.162:30080; No route to host

This is the describe from the svc:

[root@testmaster tcserver]# kubectl describe svc tcserver-svc
Name:                   tcserver-svc
Namespace:              default
Labels:                 app=tcserver
Annotations:            <none>
Selector:               app=tcserver
Type:                   NodePort
IP:                     172.30.62.162
Port:                   <unset> 80/TCP
NodePort:               <unset> 30080/TCP
Endpoints:              <none>
Session Affinity:       None
Events:                 <none>
-- radicaled
kubernetes
kubernetes-service

Similar Questions

kubernetes session affinity behavior
Loadbalancing logic in service resource
kubectl logs returns nothing (blank)
How do I view the value of a secret via kubectl?

2 Answers

1/10/2019

I see target post is missing, can you add traget port and test?

apiVersion: v1
kind: Service
metadata:
  name: tcserver-svc
  labels:
    app: tcserver
spec:
  type: NodePort
  ports:
  - port: 80
    nodePort: 30080
    targetPort: 80
  selector:
    app: tcserver
-- sfgroups
Source: StackOverflow
1/11/2019

When you look at the kubectl describe service output, you'll see it's not actually attached to any pods:

Endpoints:              <none>

That's because you say in the service spec that the service will attach to pods labeled with app: tcserver

spec:
  selector:
    app: tcserver

But, in the pod spec's metadata, you don't specify any labels at all

metadata:
  name: tcserver
  namespace: default
  # labels: {}

And so the fix here is to add to the pod spec the appropriate label

metadata:
  labels:
    app: tcserver

Also note that it's a little unusual in practice to deploy a bare pod. Usually they're wrapped up in a higher-level controller, most often a deployment, that actually creates the pods. The deployment spec has a template pod spec and it's the pod's labels that matter.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: tcserver
  # Labels here are useful, but the service doesn't look for them
spec:
  template:
    metadata:
      labels:
        # These labels are what the service cares about
        app: tcserver
    spec:
      containers: [...]
-- David Maze
Source: StackOverflow