K
Q

Port 6443 connection refused when setting up kubernetes

1/3/2022

I am reading the documentation for using kubeadm to set up a Kubernetes cluster. I am running Ubuntu Server 20.04 on three VMs but am currently only working with one of them before doing the configuration on the other two. I have prepared containerd and disabled swap, but am getting stuck with enabling the required ports. I first configured ufw to only allow incoming traffic from port 22 using the OpenSSH application profile. After reading up on enabling required ports, I have run the commands:

sudo ufw allow 6443, sudo ufw allow 6443/tcp, and sudo ufw allow 6443/udp.

When I try using telnet to connect, it fails:

telnet 127.0.0.1 6443
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused

...and when using the private IP other computers connect to it with:

telnet 192.168.50.55 6443
Trying 192.168.50.55...
telnet: Unable to connect to remote host: Connection refused

If I tell telnet to use port 22, it works just fine:

telnet 127.0.0.1 22
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3
^]
telnet> close
Connection closed.

Is there something I am doing wrong with the firewall configuration? Or is it another thing?

Thank you for the help,

foxler2010

-- Foxler2010
kubernetes
networking
port
ubuntu
ufw

Similar Questions

Sending .gz file via CURL to RESTful put creating ZipException in GZIPInputStream
sha256 doesn't match across environments in kubernetes
GKE master is non responsive
can i use ingress-nginx to simple route traffic?
Spark on K8s - getting error: kube mode not support referencing app depenpendcies in local

4 Answers

1/4/2022

  • Thats because there is no process listening on 6443.you can verify it using ss -nltp | grep 6443

  • 6443 will be listened by "kube-apiserver" which gets created after you initialize the cluster using kubeadm init --apiserver-advertise-address=192.168.50.55 --pod-network-cidr=<pod cidr>

  • since you have not initialized cluster yet , kube-apiserver wont be running hence the error "connection refused".

  • In case if you want to verify that you firewall/ufw settings are done properly in order to accept traffic on port 6443(without installating kubernetes cluster) then you can try following :

1. Install nmap " sudo apt-get install nmap "

2. listen to port 6443 "nc -l 6443"

3. open a another terminal/window and connect to 6443 port "nc -zv 192.168.50.55 6443" . It should say connected.
-- confused genius
Source: StackOverflow
1/3/2022

The connection refused typically means that that the request reaches the server but there is no service running on the specified port. Are you sure the api-server is started on your node ?

-- behanzin777
Source: StackOverflow
1/4/2022

Should you check if the kubernetes has run on or not?
Try command:

kubectl cluster-info

Output looks like this:

enter image description here

If not, you have to initialize the master node of kubernetes with the command:

kubeadm init --apiserver-advertise-address=192.168.50.55 --pod-network-cidr=10.123.0.0/16

192.168.50.55: IP of the master node
10.123.0.0/16: IP range of network-plugin for kubernetes

-- quoc9x
Source: StackOverflow
1/4/2022

I did not do anything with kubeadm, I have only installed containerd so far.

Do the 6443 test after you have ran kubeadm to setup k8s. If you do it now you will not get any response.

-- gohm&#39;c
Source: StackOverflow