Chain KUBE-SERVICES - Rejects Service has no endpoints

10/4/2019

Trying to curl the service deployed in k8s cluster from the master node

curl: (7) Failed to connect to localhost port 31796: Connection 
refused

For kubernetes cluster, when I check my iptables on master I get the following .

Chain KUBE-SERVICES (1 references)
target     prot opt source               destination         
REJECT     tcp  --  anywhere             10.100.94.202        /* 
default/some-service: has no endpoints */ tcp dpt:9015 reject-with 
icmp-port-unreachable
REJECT     tcp  --  anywhere             10.103.64.79         /* 
default/some-service: has no endpoints */ tcp dpt:9000 reject-with 
icmp-port-unreachable
REJECT     tcp  --  anywhere             10.107.111.252       /* 
default/some-service: has no endpoints */ tcp dpt:9015 reject-with 
icmp-port-unreachable

if I flush my iptables with

iptables -F

and then curl

curl -v  localhost:31796 

I get the following

* Rebuilt URL to: localhost:31796/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 31796 (#0)
> GET / HTTP/1.1
> Host: localhost:31796
> User-Agent: curl/7.58.0
> Accept: */*    

but soon after it results in

* Rebuilt URL to: localhost:31796/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* connect to 127.0.0.1 port 31796 failed: Connection refused
* Failed to connect to localhost port 31796: Connection refused
* Closing connection 0
curl: (7) Failed to connect to localhost port 31796: Connection 
refused

I'm using the nodePort concept in my service

Details

kubectl get node 

NAME              STATUS   ROLES    AGE   VERSION
ip-Master-IP   Ready    master   26h   v1.12.7
ip-Node1-ip    Ready    <none>   26h   v1.12.7
ip-Node2-ip    Ready    <none>   23h   v1.12.7


Kubectl get pods 
NAME                             READY   STATUS    RESTARTS   AGE
config-service-7dc8fc4ff-5kk88   1/1     Running   0          5h49m

kubectl get svc -o wide

NAME            TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          
AGE   SELECTOR
cadmin-server   NodePort    10.109.55.255   <none>        
9015:31796/TCP   22h   app=config-service
kubernetes      ClusterIP   10.96.0.1       <none>        443/TCP          
26h   <none>

Kubectl get cs 

NAME                 STATUS    MESSAGE              ERROR
controller-manager   Healthy   ok                   
scheduler            Healthy   ok                   
etcd-0               Healthy   {"health": "true"} 

endpoint.yml

apiVersion: v1
kind: Endpoints
metadata:
name: xyz
subsets:
- addresses:
  - ip: node1_ip
  - ip: node2_ip
 ports:
  - port: 31796
  - name: xyz

service.yml
apiVersion: v1
kind: Service
metadata:
name: xyz
namespace: default
annotations:
alb.ingress.kubernetes.io/healthcheck-path: /xyz
labels:
app: xyz
spec:
type: NodePort
ports:
- nodePort: 31796
  port: 8001
  targetPort: 8001
  protocol: TCP
selector:
app: xyz


deployment.yml 
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: xyz
name: xyz
namespace: default
spec:

replicas: 1
selector:
matchLabels:
  app: xyz
template:
  metadata:
  labels:
    app:  xyz
  spec:
  containers:
  - name: xyz
    image:  abc
    ports:
     - containerPort: 8001
    imagePullPolicy: Always
    resources:
      requests:
        cpu: 200m
    volumeMounts:
    - mountPath: /app/
      name: config-volume    
    restartPolicy: Always
    imagePullSecrets:
    - name: awslogin


     volumes:
     - configMap:
      name: xyz
      name: config-volume
-- Charvee Punia
amazon-web-services
iptables
kubeadm
kubectl
kubernetes

0 Answers