ClusterIP not reachable within the Cluster

10/26/2020

I'm struggling with Kubernetes configuration. All I want is to reach a deployment within the cluster. The cluster is on my dedicated server and I'm deploying it using kubeadm.

My nodes:

$ kubectl get nodes
NAME          STATUS   ROLES    AGE   VERSION
k8s-master    Ready    master   9d    v1.19.3
k8s-worker1   Ready    <none>   9d    v1.19.3

I've a deployment running (nginx basic example)

$ kubectl get deployment
NAME               READY   UP-TO-DATE   AVAILABLE   AGE
nginx-deployment   2/2     2            2           29m

I've created a service

$ kubectl get svc
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP   9d
my-service   ClusterIP   10.106.109.94   <none>        80/TCP    20m

The YAML file for my service is the following:

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: nginx-deployment
  ports:
    - protocol: TCP
      port: 80

Now I would expect, if I run curl 10.106.109.94:80 on my k8s-master, to get the HTTP answer, but what I got is:

curl: (7) Failed to connect to 10.106.109.94 port 80: Connection refused

I've tried with NodePort as well and with targetPort and nodePort but the result is the same.

-- v2to
containers
devops
kubernetes
kubernetes-service

1 Answer

10/26/2020

The cluster IP is not reachable from outside of your cluster, which means you will not get any response from the host machine that hosts your k8s cluster, as this IP is not a part of your machine or any other machine; rather, it is a cluster IP which is used by your cluster CNI network, like flannel or weave. So to get your services accessible from the outside, or at least from the host machine, you have to change the type of your service, like NodePort, LoadBalancer, or K8s port-forward.

If you can change the service type to NodePort, then you will get a response with any of your host machine IPs and the allocated nodePort. For example, if your k8s-master is 192.168.x.x and the nodePort is 33303, then you can get a response by

curl http://192.168.x.x:33303
or
curl http://worker_node_ip:33303

If your cluster is installed locally, then you can install MetalLB to get the privilege of a load balancer.

You can also use port-forward to get your service accessible from the host that has the kubectl client with k8s cluster access.

kubectl port-forward svc/my-service 80:80

kubectl -n namespace port-forward svc/service_name Port:Port
-- Taybur Rahaman
Source: StackOverflow
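
A check worth running before changing the Service type, as an added example (not code from the question or the answer): a Service only forwards to ready pods whose labels match its selector, so the sketch below computes the backends that my-service would get. The pod names, IPs and labels are constructed, since the page does not show the Deployment's pod template, and `endpoints_for` and `relabel` are hypothetical helper names.

```python
import json

# Service from the question (selector and port copied from its YAML).
SERVICE = json.loads("""
{"metadata": {"name": "my-service"},
 "spec": {"selector": {"app": "nginx-deployment"},
          "ports": [{"protocol": "TCP", "port": 80}]}}
""")

# Constructed pod list in the shape of `kubectl get pods -o json`; the page
# does not show the Deployment's pod labels, so these labels are assumptions.
PODS = json.loads("""
{"items": [
 {"metadata": {"name": "nginx-a", "labels": {"app": "nginx"}},
  "status": {"podIP": "10.244.1.5", "conditions": [{"type": "Ready", "status": "True"}]}},
 {"metadata": {"name": "nginx-b", "labels": {"app": "nginx"}},
  "status": {"podIP": "10.244.1.6", "conditions": [{"type": "Ready", "status": "True"}]}}
]}
""")

def is_ready(pod):
    return any(c["type"] == "Ready" and c["status"] == "True"
               for c in pod.get("status", {}).get("conditions", []))

def endpoints_for(service, pods):
    """Return ["podIP:targetPort", ...] the Service would forward to."""
    selector = service["spec"].get("selector") or {}
    if not selector:
        return []  # selector-less Services get no automatic endpoints
    backends = []
    for pod in pods["items"]:
        labels = pod["metadata"].get("labels", {})
        # Equality-based selector: every key/value pair must match.
        if all(labels.get(k) == v for k, v in selector.items()) and is_ready(pod):
            for port in service["spec"]["ports"]:
                # targetPort defaults to port when omitted, as in the question's YAML.
                backends.append(f'{pod["status"]["podIP"]}:{port.get("targetPort", port["port"])}')
    return backends

def relabel(pods, labels):
    """Copy of the pod list with every pod's labels replaced (for comparison)."""
    return {"items": [{**p, "metadata": {**p["metadata"], "labels": labels}}
                      for p in pods["items"]]}

if __name__ == "__main__":
    print("as labelled:", endpoints_for(SERVICE, PODS))
    print("matching   :", endpoints_for(SERVICE, relabel(PODS, {"app": "nginx-deployment"})))
```

On a live cluster the same comparison is `kubectl get endpoints my-service` against `kubectl get pods --show-labels`.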