K
Q

GCP k8 times out not sure how to open the ports

9/2/2019

I have a simple api I am trying to use in GCP to get the hang of it. I create a pod then a service with a load balancer but I can't hit an external endpoint IP am I missing a step?

Added A firewall rule as well

gcloud compute firewall-rules create allow-sample-api-lb --allow=tcp:31000

Pod Config

apiVersion: v1
kind: Pod
metadata:
  name: "sample-api-lx"
  labels:
    app: sample-api-lx
spec:
  containers:
    - name: sample-api-lx
      image: {image}     
      ports:
        - name: http
          containerPort: 80
      resources:
        limits:
          cpu: 0.2
          memory: "365Mi"

Service Config

kind: Service
apiVersion: v1
metadata:
  name: "sample-api-lx"
spec:
  type: LoadBalancer
  selector:
    app: "sample-api-lx"
  ports:
    - protocol: "TCP"
      port: 80
      targetPort: 80 
      nodePort: 31000

DockerFile

FROM mcr.microsoft.com/dotnet/core/sdk:2.2 AS build-env
WORKDIR /app
EXPOSE 80
EXPOSE 443

# Copy csproj and restore as distinct layers
COPY *.csproj ./
RUN dotnet restore

# Copy everything else and build
COPY . ./
RUN dotnet publish -c Release -o out

# Build runtime image
FROM mcr.microsoft.com/dotnet/core/aspnet:2.2
WORKDIR /app
COPY --from=build-env /app/out .
ENTRYPOINT ["dotnet", "Api.dll"]
-- Hizzy
google-kubernetes-engine
kubernetes

Similar Questions

What is the Dockerfile "right approach" for production?
kubelet failed to find mountpoint for CPU
istio failing with "failed checking application ports"
kubernetes: Find out actual pod status
Airflow on kubernetes worker pod completed but Web-Ui can't get the status
Kubernetes shows multiple requests instead of one

2 Answers

9/3/2019

So I upgraded to 1.13.7-gke.24 and it works now. Never mind that was a red haring here was the real issue https://status.cloud.google.com/incident/appengine/19010

-- Hizzy
Source: StackOverflow
9/3/2019

Assuming your Pod is in the Ready state (which you can see via kubectl describe pod sample-api-lx), you should be able to connect to your app without adding an additional firewall rule. To connect to the Load Balancer, you need to use the port, not the nodePort. Specifically, find the External IP of the Load Balancer (which you can see via kubectl get service sample-api-lb) and curl <EXTERNAL_IP> or go to <EXTERNAL_IP> in your browser.

On GCP specifically, you can go to the console, navigate to your cluster, and click the link on the sidebar for Services. You should see a link to <EXTERNAL_IP>:80 there and when you click on it, it will do the same as above, i.e. opening the address in your browser.

I reproduced this with the following steps:

  1. created a new GCP project
  2. created a new GKE cluster with default settings, except it only had 1 node instead of 3, and the worker node had 2GB instead of the default 3.75GB, just to save money
  3. created a Pod just like yours, replacing {image} with nginx
  4. created a Service just like yours
  5. Successfully curled it, and viewed it in my browser by clicking the link of the Service as shown in the GCP console

If it still doesn't work, the Kubernetes docs provide guidelines for troubleshooting Services.

-- Amit Kumar Gupta
Source: StackOverflow