Lab 3.4 pt 20 access application

ErlisonSantos

I followed the kubernete site instructions to install clustered k8s. I used Docker instead of CRI-O and installed Calico. Next is the result of my installed lab.

In "Exercise 3.4: Deploy A Simple Application" I tried to access the nginx in my local network using curl, like a solution lab, but nothing happened. I tried to access it using my three IPs: host, pod(group of application) and cluster. Nothing. I would really appreciate if anyone have tips for me about that.

Why is a route not needed? In the first moment, in lab exercise, I didn't see any instruction about networks inside the cluster. The Kubernetes manage all networks automatically?

Please, if anyone knows of a link or article about k8s structure (kubeclt, pod, kubadm, kubelet, etc) send me, because I'm a little confused about the nomeclature.

Obrigado

[root@k8s-master ~]# kubectl get deployments nginx
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 3/3 3 3 3h6m

[root@k8s-master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-7848d4b86f-76fpx 1/1 Running 0 177m
nginx-7848d4b86f-8nlpl 1/1 Running 0 177m
nginx-7848d4b86f-z5cws 1/1 Running 0 3h7m

[root@k8s-master ~]# kubectl get svc nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx ClusterIP 10.110.7.15 80/TCP 3h5m

[root@k8s-master ~]# kubectl get ep nginx
NAME ENDPOINTS AGE
nginx 192.168.0.129:80,192.168.1.131:80,192.168.1.132:80 3h11m

[root@k8s-master ~]# ip -br a
lo UNKNOWN 127.0.0.1/8 ::1/128
ens192 UP 192.168.86.60/24 2804:4cac:400:2400:20c:29ff:fe77:57cc/64 fe80::20c:29ff:fe77:57cc/64
docker0 DOWN 172.17.0.1/16
tunl0@NONE UNKNOWN 192.168.31.128/32
calid03167adb26@if4 UP fe80::ecee:eeff:feee:eeee/64
calibb043632037@if4 UP fe80::ecee:eeff:feee:eeee/64
calieff7138f786@if4 UP fe80::ecee:eeff:feee:eeee/64

[root@k8s-master ~]# hostname -i
192.168.86.60

[root@k8s-master ~]# firewall-cmd --list-ports
6443/tcp 2379/tcp 2380/tcp 10250/tcp 10251/tcp 10252/tcp 10248/tcp 80/tcp

[root@k8s-master ~]# firewall-cmd --list-services
cockpit dhcpv6-client ssh

[root@k8s-master ~]# ip r
default via 192.168.86.1 dev ens192 proto static metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.0.128/26 via 192.168.86.62 dev tunl0 proto bird onlink
192.168.1.128/26 via 192.168.86.61 dev tunl0 proto bird onlink
blackhole 192.168.31.128/26 proto bird
192.168.31.135 dev calid03167adb26 scope link
192.168.31.136 dev calibb043632037 scope link
192.168.31.137 dev calieff7138f786 scope link
192.168.86.0/24 dev ens192 proto kernel scope link src 192.168.86.60 metric 100

[root@k8s-master ~]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="8"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Linux 8"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-8"
CENTOS_MANTISBT_PROJECT_VERSION="8"

serewicz

Hello,

The lab does talk about networking, both in the overview section where it speaks to firewalls, and when you download and examine Calico.

From a quick glance it seems your node IPs are 192.168, which overlaps the default Calico settings. Your node would have a routing issue and sending the curls out of the primary interface instead of across the tunnel and cali interfaces to the other node. If you revisit the installation lab you'll not two steps which speak to this potential issue.

The second issue is using CentOS. It should work, but has not been tested.

The third issue is you have not opened up all ports as the installation exercise declares.

Regards,

ErlisonSantos

I will try build my lab again using Ubuntu.

Thank you.

chrispokorni

Hi @ErlisonSantos,

I would also recommend following the installation steps from the lab guide, to ensure that kubectl is not run by root.

Regards,
-Chris

ErlisonSantos

Hi @serewicz and @chrispokorni

It's work.

I apologize for didn't follow the lab solution. I only adjusted my host, nodes and calico.yaml IPs to exclude overlaps.

Thanks a lot