Lab 2.3. curl to basic pod fails.

brunzefb

Hi - my name is Friedrich and I am new to the course.
I have setup a k8s cluster by following Lab 2.1 and Lab 2.2, and can connect to the cluster with kubectl. The worker node has been joined to the cluster too.

I deploy the basic.yaml pod, and kubectl get po shows it is running nginx. Shelling into nginx and doing wget localhost returns html, so nginx is working.
When I do the curl http://[ip-returned-by-kubectl-get-po], it just hangs.

Am I doing something wrong? I'm running on AWS, but running the commands on the cp node via ssh. The network is open to 0.0.0.0/0 for IPV4

brunzefb

follow-up: Did some more testing. The pod seems to be running on the worker node. If I ssh to the worker node, the curl works fine and returns the html contents. The same command does not work on the cp node.

brunzefb

followup2: The same thing happens when we add a service to the mix: only works from the worker node, not the cp node.

chrispokorni

Hi @brunzefb,

What you are experiencing is typically the result of a networking misconfiguration.

Since you are on AWS, are you using the default VPC or have you created a custom one? The default VPC may be blocking some ports by default.

Is your SG allowing all inbound/ingress traffic from all sources, all protocols, to all ports? Are both your EC2 VMs placed in the same SG?

EDIT: You may find additional helpful tips and solutions in prior discussions posted in the forum on the same topic.

Regards,
-Chris

rsandor

I am a little late here but I had the same problem.
@chrispokorni comment got me thinking there was something broken in my VCN (same thing as VPC except for Oracle Cloud Infrastructure).

Make sure to enable IP-to-IP in your ingress rules.

CIDR block  10.0.0.0/29     IP-in-IP    Calico networking with IP-in-IP enabled
CIDR block  10.0.64.0/20        IP-in-IP    Calico networking with IP-in-IP enabled

Oracle Calico Network Guide