Lab 6.1: External Egress Not Working

bryonbaker

Hi,
I am not able to get the external egress working in Lab 6.1. It appears to be a different issue @ajain just raised.
When I attach to the container I get the following:

/ $ nc -vz 127.0.0.1 80
127.0.0.1 (127.0.0.1:80) open
/ $ nc -vz www.linux.com 80
nc: bad address 'www.linux.com'

I have validated it is not a VM networking issue because:
a. If I run the command from the node running the container then it works okay

K8s-Minion1:~$ nc -vz www.linux.com 80
Connection to www.linux.com 80 port [tcp/http] succeeded!

b. If I run the busybox container outside of Kubernetes then I can run nc and ping on www.linux.com and they work fine

K8s-Master:~/K8s Training/src/app2$ sudo docker run -ti 10.105.53.127:5000/busybox
/ # nc -vz www.linux.com 80
www.linux.com (151.101.25.5:80) open

nslookup from the container returns:

/ $ nslookup www.linux.com
;; connection timed out; no servers could be reached

K8s-Master:~$ kubectl get pods -o wide --all-namespaces

NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
default nginx-6b58d9cdfd-zh2pq 1/1 Running 0 5d 192.168.17.232 k8s-master
default registry-795c6c8b8f-l8wkn 1/1 Running 0 5d 192.168.17.230 k8s-master
default secondapp 2/2 Running 0 28m 192.168.4.140 k8s-minion1
default try1-64889f8759-25n7m 2/2 Running 1 2h 192.168.4.133 k8s-minion1
default try1-64889f8759-42crp 2/2 Running 1 2h 192.168.4.132 k8s-minion1
default try1-64889f8759-985m2 2/2 Running 0 2h 192.168.17.195 k8s-master
default try1-64889f8759-sl2ht 2/2 Running 1 2h 192.168.4.134 k8s-minion1
default try1-64889f8759-zqv5x 2/2 Running 0 2h 192.168.17.199 k8s-master
default try1-64889f8759-zx467 2/2 Running 0 2h 192.168.17.198 k8s-master
kube-system calico-etcd-fgs6g 1/1 Running 5 48d 192.168.108.160 k8s-master
kube-system calico-kube-controllers-55c57d69c8-hd5m5 1/1 Running 5 48d 192.168.108.160 k8s-master
kube-system calico-node-klz88 2/2 Running 16 48d 192.168.108.160 k8s-master
kube-system calico-node-xl5sz 2/2 Running 5 2h 192.168.108.165 k8s-minion1
kube-system etcd-k8s-master 1/1 Running 6 48d 192.168.108.160 k8s-master

K8s-Master:~$ kubectl get svc --all-namespaces

NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 443/TCP 48d
default nginx ClusterIP 10.110.185.45 443/TCP 48d
default registry ClusterIP 10.105.53.127 5000/TCP 48d
default secondapp NodePort 10.99.24.144 80:32000/TCP 28m
kube-system calico-etcd ClusterIP 10.96.232.136 6666/TCP 48d
kube-system kube-dns ClusterIP 10.96.0.10 53/UDP,53/TCP 48d
kube-system kubernetes-dashboard ClusterIP 10.99.76.220 443/TCP 5d

chrispokorni

Hi, there may be a solution posted for this issue:

Lab 6.1 External Egress not working (No policies defined yet):
https://forum.linuxfoundation.org/discussion/comment/21433#Comment_21433

Check it out and let us know if it helps.
Regards,
-Chris

bryonbaker

Hi,
No, this does not appear to be the same issue.
Thanks

serewicz

If the IP address works, but not when you use the linux.com name it would seem to be a DNS issue instead of an egress issue. If you use the nc to go to the IP of a public site, for example one IP for linux.com is 151.101.129.5. You can double check with nslookup. Does it work when you use IP but not the name?

Regards,