Welcome to the Linux Foundation Forum!

Lab 3.4 pt 20 access application

I followed the kubernete site instructions to install clustered k8s. I used Docker instead of CRI-O and installed Calico. Next is the result of my installed lab.

In "Exercise 3.4: Deploy A Simple Application" I tried to access the nginx in my local network using curl, like a solution lab, but nothing happened. I tried to access it using my three IPs: host, pod(group of application) and cluster. Nothing. I would really appreciate if anyone have tips for me about that.

Why is a route not needed? In the first moment, in lab exercise, I didn't see any instruction about networks inside the cluster. The Kubernetes manage all networks automatically?

Please, if anyone knows of a link or article about k8s structure (kubeclt, pod, kubadm, kubelet, etc) send me, because I'm a little confused about the nomeclature.

Obrigado

[[email protected] ~]# kubectl get deployments nginx
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 3/3 3 3 3h6m

[[email protected] ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-7848d4b86f-76fpx 1/1 Running 0 177m
nginx-7848d4b86f-8nlpl 1/1 Running 0 177m
nginx-7848d4b86f-z5cws 1/1 Running 0 3h7m

[[email protected] ~]# kubectl get svc nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx ClusterIP 10.110.7.15 80/TCP 3h5m

[[email protected] ~]# kubectl get ep nginx
NAME ENDPOINTS AGE
nginx 192.168.0.129:80,192.168.1.131:80,192.168.1.132:80 3h11m

[[email protected] ~]# ip -br a
lo UNKNOWN 127.0.0.1/8 ::1/128
ens192 UP 192.168.86.60/24 2804:4cac:400:2400:20c:29ff:fe77:57cc/64 fe80::20c:29ff:fe77:57cc/64
docker0 DOWN 172.17.0.1/16
[email protected] UNKNOWN 192.168.31.128/32
[email protected] UP fe80::ecee:eeff:feee:eeee/64
[email protected] UP fe80::ecee:eeff:feee:eeee/64
[email protected] UP fe80::ecee:eeff:feee:eeee/64

[[email protected] ~]# hostname -i
192.168.86.60

[[email protected] ~]# firewall-cmd --list-ports
6443/tcp 2379/tcp 2380/tcp 10250/tcp 10251/tcp 10252/tcp 10248/tcp 80/tcp

[[email protected] ~]# firewall-cmd --list-services
cockpit dhcpv6-client ssh

[[email protected] ~]# ip r
default via 192.168.86.1 dev ens192 proto static metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.0.128/26 via 192.168.86.62 dev tunl0 proto bird onlink
192.168.1.128/26 via 192.168.86.61 dev tunl0 proto bird onlink
blackhole 192.168.31.128/26 proto bird
192.168.31.135 dev calid03167adb26 scope link
192.168.31.136 dev calibb043632037 scope link
192.168.31.137 dev calieff7138f786 scope link
192.168.86.0/24 dev ens192 proto kernel scope link src 192.168.86.60 metric 100

[[email protected] ~]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="8"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Linux 8"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-8"
CENTOS_MANTISBT_PROJECT_VERSION="8"

Best Answer

  • serewicz
    serewicz Posts: 946
    Accepted Answer

    Hello,

    The lab does talk about networking, both in the overview section where it speaks to firewalls, and when you download and examine Calico.

    From a quick glance it seems your node IPs are 192.168, which overlaps the default Calico settings. Your node would have a routing issue and sending the curls out of the primary interface instead of across the tunnel and cali interfaces to the other node. If you revisit the installation lab you'll not two steps which speak to this potential issue.

    The second issue is using CentOS. It should work, but has not been tested.

    The third issue is you have not opened up all ports as the installation exercise declares.

    Regards,

Answers

Categories

Upcoming Training