Lab 3.4-5

AlexeyBY

Hello,
The labs are Ok but i've collected several questions
1. How is ClusterIP assigned ? There is no info inside the calico.yaml. Probably the range is 10.0.0.0/8 ; Is it possible to configure - where?
2. The endpoints IP are from 192.168.0.0/16 range (calico.yaml). What about the following IP address:
kubectl exec nginx-6d48c9bcb8-5wlwp -- printenv | grep KUBERNETES ?? It seems 10.96.0.0/16. How is the IP assigned ?
What is the different between the epIP and 10.96.0.0/16 ?
3. As for lab 3.5 task 5, we create a new type of NGINX --> load-balance. I can make an access outside my cluster with IP of my NIC + the port. It's Ok. What about access to Web server (the lab 3.4 task 15). I can use the curl on the master node .It's Ok. Why cannot I use my NIC_IP:80 to access to the web-server ?
4. As for 3.5 task 9, we delete deployment + ep + service but we don't create ep+service. Does It mean as soon as a deployment is created ep/service are created too ?

May you have any links or materials about IP addresses of Kubernetes ?
Thank you in advance.
Alexey

AlexeyBY

Hello again,
May add a comment here. Pls see Chapter 4 of the course Container to Outside Path.
We can see the one endpoint IP per a pod -> 192.168.1.27. --> Even though there are two containers, they share the same namespace and the same IP address!!

Pls see also chapter 3.4 task 22 . There are three IP addresses here. One IP is per the NGINX containers. Can you explain why ?

Thank you

serewicz

Hello,

1 and 2: Calico has some parameters from the calico.yaml file, and others are gotten from the kubeadm init command. We pass the 192.168 network to kubeadm so it agrees with calico. The service IP range of 10. is the default of kubeadm and be changed during initial configuration with the --service-cidr setting.

3: I'm not quite sure what you are asking here. It sound like you can access from outside the cluster using the IP and a high numbered port. But you want to use IP:80 instead? The reason is in the source code. The person who wrote it commented their work and said "Low numbered ports are too busy and would never be used". Which of course if false, but that became the way it is. No low numbered ports are allowed - written into the source code itself. So, if you want to expose IP:80 you would need to use an ingress controller or service mesh.

4: Indeed the step is to show you that things created may not be deleted. Why? Because we have a decoupled and transient environment. The various operators/watch loops continue to run waiting for the other resource to be rebuilt.

Indeed, this is why understanding architecture is so important. With almost all network configurations there is ONLY ONE IP pre pod. In step 22 there are three replica pods deployed, each has its own IP and own endpoint. The single service IP gets traffic to whichever endpoints exist.

Regards,

kstand1ge

I"m having issues with lab 3.5. I'm using AWS. The instructions say to use the public ip i use to ssh but the ssh command is:
ssh -i student.pem ubumtu@ec2-3.138....us-east-2.compute.amazonaws.com. So do i use everything after the @ sign or just the numbers for the ip. Keep in mind AWS uses - instead of . in the ip addresses. My error is just "This site Can't be reached."

chrispokorni

Hi @kstand1ge,

IPv4 IP addresses are in the format of 35.45.55.65 regardless of the cloud provider. What you see on AWS the ...35-45-55-65... format is just the hostname of the EC2 VM instance. For ssh you can use either the IPv4 IP address or the public DNS displayed in the AWS EC2 dashboard.

Regards,
-Chris

kstand1ge

i've tried both and neither work. I still get the same error. 3.138.102.218 refused to connect. I've done something wrong somewhere, i guess. is there something i need to do on the AWS side?

chrispokorni

Hi @kstand1ge,

There is a setup video for AWS EC2 instances that you can access from the Course Resources page of Chapter 1.

Regards,
-Chris

kstand1ge

yeah, i did that twice. I don't know what i've done wrong but it isn't working. I'm on a mac so the putty stuff doesn't really help me.

chrispokorni

@kstand1ge, then run the ssh command in a terminal, or connect to your instance directly from the AWS EC2 dashboard.

kstand1ge

well, i did that. I'm on my instances. No worries there. it's trying to access nginx externally where i'm getting the issue. lab 3.5.

chrispokorni

@kstand1ge, without seeing the actual errors it is difficult to diagnose your specific issue. In the forum you can find prior discussions reporting several issues on AWS EC2 instances, together with solutions on how to fix them.

Regards,
-Chris