Load balancing pods

10/16/2019

I have a Rancher cluster with 1 node that has the local IP 10.39.93.180.
I started a pod with 3 replicas and a load balancer with external IP 10.39.93.180.
I can access the pod port but can't access the load balancer.

Pod describe.

Name:           development-review-inventory-api-66b6ccfc44-jm59c
Namespace:      development-review-inventory
Priority:       0
Node:           10.39.93.185/10.39.93.185
Start Time:     Wed, 16 Oct 2019 01:27:59 -0400
Labels:         pod-template-hash=66b6ccfc44
                run=development-review-inventory-api
Annotations:    cni.projectcalico.org/podIP: 10.42.0.13/32
Status:         Running
IP:             10.42.0.13
IPs:            <none>
Controlled By:  ReplicaSet/development-review-inventory-api-66b6ccfc44
Containers:
  development-review-inventory-api:
    Container ID:   docker://103d34497d590cdb391c5c4959b2f308fbacf9abf5e2042314be9583f9cf5dd1
    Image:          10.39.93.29:5000/development-review-inventory-api
    Image ID:       docker-pullable://10.39.93.29:5000/development-review-inventory-api@sha256:b54f5c6e499fb1b9981c97fb00f20a38b75c87c493551d1833928b9e78a1260b
    Port:           8510/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Wed, 16 Oct 2019 01:28:00 -0400
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-8ptvb (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  default-token-8ptvb:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-8ptvb
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type    Reason     Age    From                   Message
  ----    ------     ----   ----                   -------
  Normal  Scheduled  9m43s  default-scheduler      Successfully assigned development-review-inventory/development-review-inventory-api-66b6ccfc44-jm59c to 10.39.93.185
  Normal  Pulling    9m42s  kubelet, 10.39.93.185  Pulling image "10.39.93.29:5000/development-review-inventory-api"
  Normal  Pulled     9m42s  kubelet, 10.39.93.185  Successfully pulled image "10.39.93.29:5000/development-review-inventory-api"
  Normal  Created    9m42s  kubelet, 10.39.93.185  Created container development-review-inventory-api
  Normal  Started    9m42s  kubelet, 10.39.93.185  Started container development-review-inventory-api

Access pod 8510

[root@localhost inventory-api]# k exec -it -n development-review-inventory   development-review-inventory-api-66b6ccfc44-n4wks -- curl 0.0.0.0:8510
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

LoadBalancer config

[root@localhost inventory-api]# k get svc -n development-review-inventory   development-review-inventory-api -o=yaml --export
Flag --export has been deprecated, This flag is deprecated and will be removed in future.
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    run: development-review-inventory-api
  name: development-review-inventory-api
  selfLink: /api/v1/namespaces/development-review-inventory/services/development-review-inventory-api
spec:
  externalIPs:
  - 10.39.93.180
  externalTrafficPolicy: Cluster
  ports:
  - nodePort: 31717
    port: 8510
    protocol: TCP
    targetPort: 8510
  selector:
    run: development-review-inventory-api
  sessionAffinity: None
  type: LoadBalancer
status:
  loadBalancer: {}

Patch SVC external IP

kubectl patch svc -n development-review-inventory   development-review-inventory-api -p '{"spec":{"externalIPs":["10.39.93.180"]}}'

get SVC

[root@localhost inventory-api]# k get svc -n development-review-inventory
NAME                               TYPE           CLUSTER-IP   EXTERNAL-IP    PORT(S)          AGE
development-review-inventory-api   LoadBalancer   10.43.52.1   10.39.93.180   8510:31717/TCP   15m

Can't access via balancer

[root@localhost inventory-api]# curl 10.39.93.180:31717
curl: (7) Failed connect to 10.39.93.180:31717; Connection refused
-- Đinh Anh Huy
kubernetes
load-balancing
rancher

2 Answers

10/18/2019

I installed the k8s Rancher cluster on bare metal, and it doesn't support SVC type: LoadBalancer like a cloud provider (AWS, GCL...) does. You need to install https://metallb.universe.tf/ to get the job done without changing any config.

Kubernetes does not offer an implementation of network load-balancers (Services of type LoadBalancer) for bare metal clusters. The implementations of Network LB that Kubernetes does ship with are all glue code that calls out to various IaaS platforms (GCP, AWS, Azure…). If you’re not running on a supported IaaS platform (GCP, AWS, Azure…), LoadBalancers will remain in the “pending” state indefinitely when created.

-- Đinh Anh Huy
Source: StackOverflow
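
An added example, not part of the answer above or of MetalLB: a small Python check that takes the Service from the question (constructed here as the JSON that kubectl get svc -o json would return, trimmed to the fields used) and lists the address:port pairs the spec defines, plus whether a load-balancer address was ever assigned. The function name service_entry_points and the node address (taken from the pod's Node: field) are assumptions.

```python
import json

# Constructed sample: the Service from the question in JSON form,
# reduced to the fields this check reads.
SERVICE_JSON = """
{
  "metadata": {"name": "development-review-inventory-api"},
  "spec": {
    "type": "LoadBalancer",
    "clusterIP": "10.43.52.1",
    "externalIPs": ["10.39.93.180"],
    "ports": [{"port": 8510, "targetPort": 8510,
               "nodePort": 31717, "protocol": "TCP"}]
  },
  "status": {"loadBalancer": {}}
}
"""


def service_entry_points(svc, node_ips):
    """Return (lb_pending, [(kind, address, port), ...]) for a Service object."""
    spec = svc.get("spec", {})
    ingress = svc.get("status", {}).get("loadBalancer", {}).get("ingress") or []
    lb_addrs = [i.get("ip") or i.get("hostname") for i in ingress]
    entries = []
    for p in spec.get("ports", []):
        cluster_ip = spec.get("clusterIP")
        if cluster_ip and cluster_ip != "None":
            entries.append(("clusterIP", cluster_ip, p["port"]))
        # externalIPs and load-balancer addresses answer on the Service
        # port, not on the nodePort.
        for ip in spec.get("externalIPs", []):
            entries.append(("externalIP", ip, p["port"]))
        for addr in lb_addrs:
            entries.append(("loadBalancer", addr, p["port"]))
        # The nodePort is opened on node addresses only.
        if p.get("nodePort"):
            for ip in node_ips:
                entries.append(("nodePort", ip, p["nodePort"]))
    # An empty status.loadBalancer means no controller assigned an address.
    lb_pending = spec.get("type") == "LoadBalancer" and not lb_addrs
    return lb_pending, entries


if __name__ == "__main__":
    svc = json.loads(SERVICE_JSON)
    # Assumption: node address copied from the pod's "Node:" field.
    pending, entries = service_entry_points(svc, node_ips=["10.39.93.185"])
    print("load balancer still pending:", pending)
    for kind, addr, port in entries:
        print(f"{kind:12} {addr}:{port}")
```

On a live cluster the same function can be fed the output of kubectl get svc -o json for the Service and the node addresses from kubectl get nodes -o wide.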

10/16/2019

You should access it via the exposed port; try to open

10.39.93.180:8501 

It would be good if you could add one public URI in this application (if it needs any authentication token), and then you can hit its route to validate the response

10.39.93.180:8501/publicURI

I do it like this for my applications, and it works fine

-- Tushar Mahajan
Source: StackOverflow