K
Q

Kubernetes weave-scope connection refused / can't be reached after exposing externally

3/20/2020

I've been following this guide to setup weave-scope: https://www.katacoda.com/courses/weave/installing-weave-scope-on-kubernetes

However I've been setting this up on my own kubernetes cluster which I've freshly installed. On my own cluster I'm using Cilium as the network manager, if that changes anything?

I've therefore executed the following commands:

~$ kubectl create -f 'https://cloud.weave.works/launch/k8s/weavescope.yaml'
~$ pod=$(kubectl get pod -n weave --selector=name=weave-scope-app -o jsonpath={.items..metadata.name})
~$ kubectl expose pod $pod -n weave --external-ip="10.96.0.1" --port=4040 --target-port=4040

After which it seems like the service has been correctly exposed:

~$ kubectl get services -n weave
NAME                               TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
weave-scope-app                    ClusterIP   10.100.81.142   <none>        80/TCP     38m
weave-scope-app-848cd4d8b5-w2nmz   ClusterIP   10.98.145.60    10.96.0.1     4040/TCP   33m

However attempting to access it on google chrome:

http://10.96.0.1:4040/ -> This site can't be reached 10.96.0.1 took too long to respond

(K8s master node VM IP) http://10.0.0.100:4040/ -> This site can't be reached 10.0.0.100 refused to connect

Finally, using curl on the internal IP while ssh'ed into the master node gives this:

~$ curl 10.98.145.60:4040
<!doctype html>
<html class="no-js">
  <head>
    <meta charset="utf-8">
    <title>Weave Scope</title>
    <meta name="description" content="">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <script language="javascript">window.__WEAVEWORKS_CSRF_TOKEN = "$__CSRF_TOKEN_PLACEHOLDER__";</script>
  </head>
  <body>
    <!--[if lt IE 10]>
      <p class="browsehappy">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience.</p>
    <![endif]-->
    <div class="wrap">
      <div id="app"></div>
    </div>
  <script type="text/javascript" src="app-4028151e529905aadd83.js?3f69be060dd8d9e6a317"></script><script type="text/javascript" src="vendors-4a04efbf4fb2fcb331ba.js?3f69be060dd8d9e6a317"></script></body>
</html>

So it seems like the service is working internally, but I just can't seem to expose it correctly. Would anyone have any ideas?

-- solarflare
devops
kubernetes
networking

Similar Questions

epoll_wait() reported that client prematurely closed connection, so upstream connection is closed too while sending request to upstream
how to get correct exit code via java code from an spark app in cluster mode in kubernetes
Certificate signed by unknown authority error in Jenkins pipeline with Kubernetes cluster deployment
Openshift secure delete using "oc delete secret"

1 Answer

3/20/2020

You can not connect to a pod via cluster IP from a node. You need to be in another pod(basically inside the pod network) and perform curl for it to work. Now for exposing the pod to be accessible from outside the kubernetes cluster you need to expose it via NodePort or LoadBalancer type service.

-- Arghya Sadhu
Source: StackOverflow