K
Q

Can't access kubernetes service which have externalTrafficPolicy as "Local"

7/30/2020

I'm following this guide to preserve source ip for service type nodeport.

kubectl create deployment source-ip-app --image=k8s.gcr.io/echoserver:1.4

kubectl expose deployment source-ip-app --name=clusterip --port=80 --target-port=8080

At this point my service is accessible externally with nodeip:nodeport

When I change the service traffic policy,

kubectl patch svc nodeport -p '{"spec":{"externalTrafficPolicy":"Local"}}'

my service is not accessible.

I found a similar issue , But the solution is not much helpful or not understandable for me . I saw some github threads which says its something to do with hostname override in kube proxy , I'm not clear with it too.

I'm using kubernetes version v1.15.3. Kube proxy is running in iptables mode. I have a single master node and few worker nodes. I'm facing the same issue in my minikube too.

Any help would be greatly appreciated.

-- Noone
kubernetes

Similar Questions

Prometheus Adapter Goroutine issue when fetch the query from external.api
What Roles does a servicePrincipal need to create AKS from AZ CLI
How to deploy newly generated SSL certificate to the applications which are running under kubernetes cluster?
High memory usage when uploading a multipart file to Amazon S3 via streaming?
How ConfigMap Signing Can Be Use For TLS Bootstrapping

1 Answer

7/30/2020

From the docs here

If there are no local endpoints, packets sent to the node are dropped

So you need to use the correct node IP of the kubernetes node to access the service. Here correct node IP is the node's IP where the pod is scheduled.

This is not necessary if you can make sure every node(master and workers) has a replica of the pod.

-- Arghya Sadhu
Source: StackOverflow