Pods not accessible from another host

11/19/2019

I created a cluster with several Raspberry Pi following this tutorial

I'm stuck with a problem.

I have a master node and a slave. I create deployment and a service for Nginx (for testing purpose).

Here is the deployment file

apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
    app: nginx
spec:
replicas: 1
selector:
    matchLabels:
    app: nginx
template:
    metadata:
    labels:
        app: nginx
    spec:
    containers:
    - name: nginx
        image: nginx
        ports:
        - containerPort: 80

Here is the service file

apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
    app: nginx
spec:
type: NodePort
ports:
    - port: 80
    protocol: TCP
selector:
    app: nginx

I cannot reach the service from outside the cluster.

Here is the IP Configuration (all on wifi) :

Master : 192.168.1.200
Slave  : 192.168.1.201

From SSH on the slave I can, ´curl 127.0.0.1:30187´ and also ´curl 192.168.1.201:30187´, but from the master or my personnal computer it can't get the Nginix default page. Instead I have this issue : ´curl: (7) Failed to connect to 192.168.1.201 port 30187: Connection timed out´

Can someone help me on this ?

-- Argon
kubernetes
raspberry-pi
service

3 Answers

11/20/2019

NodePort service can be accessed via all the nodes of the nodes. Once you create NodePort Service, You should be able to access it from local but it will not be accessible to the external world if you are using cloud. This is because of firewall rules.

For example, If you are using Google Cloud Platform We need to change firewall rules. so that external IPs can access the cluster.

So For you to access cluster, port forwarding should be enabled. So check your firewall settings and try it again. if still you can not able to access it. put a comment.

Thanks.

-- Sameer Khan
Source: StackOverflow

11/20/2019

I finally find the answer on this.

I had to allow the forwarding on iptables.

iptables -P FORWARD ACCEPT

Best regards.

-- Argon
Source: StackOverflow

11/20/2019

I think you should specify a targetPort and a nodePort in your service.yaml :

apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
    app: nginx
spec:
type: NodePort
ports:
    - port: 80
    - targetPort : 80
    - nodePort: 32080
    protocol: TCP
selector:
    app: nginx

Now, the port 80 of the container nginx in your pod nginx is visible to other pods on targetPort 80 thanks to the service. But it is also exposed to the outside world on port 32080. You should then be able to access 192.168.1.200:32080

-- plalanne
Source: StackOverflow