Cannot access service from external IP azure devops kubernetes

7/16/2019

I can obtain my service by running

$ kubectl get service <service-name> --namespace <namespace name>

NAME          TYPE           CLUSTER-IP  EXTERNAL-IP  PORT(S)       AGE
service name  LoadBalancer   *********   *********    port numbers  16h

here is my service running at kubernetes but I can't access it through public IP. below are my service and deployment files added . i am using azre devops to build and release container image to azure container registry . As you see above on service describe i got external ip and cluster ip but when i try this ip in browser or use curl i get no response. `

{
  "kind": "Service",
  "apiVersion": "v1",
  "metadata": {
    "name": "service-name",
    "namespace": "namespace-name",
    "selfLink": "*******************",
    "uid": "*******************",
    "resourceVersion": "1686278",
    "creationTimestamp": "2019-07-15T14:12:11Z",
    "labels": {
      "run": "service name"
    }
  },
  "spec": {
    "ports": [
      {
        "protocol": "TCP",
        "port": 80,
        "targetPort": ****,
        "nodePort": ****
      }
    ],
    "selector": {
      "run": "profile-management-service"
    },
    "clusterIP": "**********",
    "type": "LoadBalancer",
    "sessionAffinity": "None",
    "externalTrafficPolicy": "Cluster"
  },
  "status": {
    "loadBalancer": {
      "ingress": [
        {
          "ip": "*************"
        }
      ]
    }
  }
}
{
  "kind": "Deployment",
  "apiVersion": "extensions/v1beta1",
  "metadata": {
    "name": "deployment-name",
    "namespace": "namespace-name",
    "selfLink": "*************************",
    "uid": "****************************",
    "resourceVersion": "1686172",
    "generation": 1,
    "creationTimestamp": "2019-07-15T14:12:04Z",
    "labels": {
      "run": "deployment-name"
    },
    "annotations": {
      "deployment.kubernetes.io/revision": "1"
    }
  },
  "spec": {
    "replicas": 1,
    "selector": {
      "matchLabels": {
        "run": "deployment-name"
      }
    },
    "template": {
      "metadata": {
        "creationTimestamp": null,
        "labels": {
          "run": "deployment-name"
        }
      },
      "spec": {
        "containers": [
          {
            "name": "deployment-name",
            "image": "dev/containername:50",
            "ports": [
              {
                "containerPort": ****,
                "protocol": "TCP"
              }
            ],
            "resources": {},
            "terminationMessagePath": "/dev/termination-log",
            "terminationMessagePolicy": "File",
            "imagePullPolicy": "IfNotPresent"
          }
        ],
        "restartPolicy": "Always",
        "terminationGracePeriodSeconds": 30,
        "dnsPolicy": "ClusterFirst",
        "securityContext": {},
        "schedulerName": "default-scheduler"
      }
    },
    "strategy": {
      "type": "RollingUpdate",
      "rollingUpdate": {
        "maxUnavailable": 1,
        "maxSurge": 1
      }
    },
    "revisionHistoryLimit": 2147483647,
    "progressDeadlineSeconds": 2147483647
  },
  "status": {
    "observedGeneration": 1,
    "replicas": 1,
    "updatedReplicas": 1,
    "readyReplicas": 1,
    "availableReplicas": 1,
    "conditions": [
      {
        "type": "Available",
        "status": "True",
        "lastUpdateTime": "2019-07-15T14:12:04Z",
        "lastTransitionTime": "2019-07-15T14:12:04Z",
        "reason": "MinimumReplicasAvailable",
        "message": "Deployment has minimum availability."
      }
    ]
  }
}

`

-- bilal_khan
azure-devops
kubernetes

2 Answers

7/16/2019

You need to add readinessProbe and livenessProbe on your Deployment and after that check your firewall if all rules are correct.

Here you have some more info about liveness and readiness

-- wolmi
Source: StackOverflow

7/16/2019

Apparently there's a mismatch in label and selector:

Service selector

"selector": {
      "run": "profile-management-service"

While deployment label

"labels": {
      "run": "deployment-name"
    },

Also check targetPort value of the service, it should match containerPort of your deployment

-- A_Suh
Source: StackOverflow