Fail to make HTTPS requests in pod internal network

1/11/2019

Fail to make HTTPS requests in pod network (192.168.0.0/16)

I have set up a new k8s cluster: 10.100.1.1 (master), 10.100.1.2...10.100.1.5. The pod internal network is 192.168.0.0/16.

e.g. metrics-server is assigned to node3 (10.100.1.3), with pod ip address 192.168.12.123.

When I ssh to node3 and do a curl (curl -k https://192.168.12.123), it returns a result.

But if I ssh to nodes other than node3 and do a curl (curl -k https://192.168.12.123), it returns curl: (28) Operation timed out after 0 milliseconds with 0 out of 0 bytes received

Basically, all cross-node pod HTTPS requests (192.168.x.x) fail.

-- Alan H0
kubernetes

2 Answers

1/16/2019

Finally figured out the problem.

From the calico config, the MTU is 1500; from ifconfig, the MTU of the interface is 1450.

The solution is to kubectl edit configmap calico-config, change the MTU value from 1500 to 1430, and restart.

This solves the issue.

-- Alan H0
Source: StackOverflow
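
The MTU mismatch described in the answer above can be checked on each node before editing the configmap. The script below is an added example, not part of the original answer. It assumes IP-in-IP encapsulation (20 bytes of overhead, which is consistent with an interface MTU of 1450 and a Calico MTU of 1430), an underlay interface named eth0, and constructed `ip -o link show` output.

```shell
#!/bin/sh
# Added example, not from the original answer. Overheads are assumptions:
# 20 bytes for IP-in-IP, 50 bytes for VXLAN over IPv4.
encap_overhead() {
  case "$1" in
    ipip)  echo 20 ;;
    vxlan) echo 50 ;;
    none)  echo 0 ;;
    *)     echo "unknown encapsulation: $1" >&2; return 1 ;;
  esac
}

# max_pod_mtu UNDERLAY_MTU ENCAP: largest pod MTU that fits in one underlay packet.
max_pod_mtu() {
  overhead=$(encap_overhead "$2") || return 1
  echo $(( $1 - overhead ))
}

# oversized_ifaces UNDERLAY_IFACE ENCAP: reads `ip -o link show` output on stdin
# and prints "name mtu limit" for each Calico interface whose MTU is too large.
oversized_ifaces() {
  overhead=$(encap_overhead "$2") || return 1
  awk -v under="$1" -v overhead="$overhead" '
    { name = $2; sub(/:$/, "", name); sub(/@.*/, "", name)
      for (i = 3; i < NF; i++) if ($i == "mtu") mtu[name] = $(i + 1) + 0 }
    END {
      if (!(under in mtu)) { print "interface not found: " under > "/dev/stderr"; exit 2 }
      limit = mtu[under] - overhead
      for (n in mtu)
        if (n ~ /^(cali|tunl|vxlan\.calico)/ && mtu[n] > limit) print n, mtu[n], limit
    }' | sort
}

# Constructed sample: underlay eth0 at 1450 (as in the answer), pod veth at 1500.
SAMPLE_BEFORE='2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc fq_codel state UP
4: tunl0@NONE: <NOARP,UP,LOWER_UP> mtu 1440 qdisc noqueue state UNKNOWN
7: cali1a2b3c4d5e6@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP'

# Constructed sample after lowering the Calico MTU to 1430.
SAMPLE_AFTER='2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc fq_codel state UP
4: tunl0@NONE: <NOARP,UP,LOWER_UP> mtu 1430 qdisc noqueue state UNKNOWN
7: cali1a2b3c4d5e6@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue state UP'

# Lists the interfaces that would drop full-size cross-node packets.
printf '%s\n' "$SAMPLE_BEFORE" | oversized_ifaces eth0 ipip
```

On a real node, pipe the live output instead: `ip -o link show | oversized_ifaces eth0 ipip`. An empty result means no Calico interface exceeds the limit.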

1/11/2019

I think there is an issue with the firewall between nodes in your cluster. Make sure that you open the required ports between master and worker nodes in your Kubernetes cluster.

I hope it will be helpful

-- coolinuxoid
Source: StackOverflow