Lab 9.2

reactivan

I have problems with this Lab. I work on a local setup with one CP and one Worker Node. Lab 9.1 is successfully installed. Now I can't go any further.

[user@k8s-master-01 ~]$ less /etc/hosts
192.168.99.200 k8s-master-01.example.org k8s-master-01
192.168.99.201 k8s-worker-01.example.org k8s-worker-01
 
192.168.99.200 k8s-endpoint.example.org  k8s-endpoint

[user@k8s-master-01 ~]$ kubectl -n accounting describe services
Name:                     service-lab
Namespace:                accounting
Labels:                   system=secondary
Annotations:              <none>
Selector:                 system=secondary
Type:                     NodePort
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       10.101.211.61
IPs:                      10.101.211.61
Port:                     <unset>  8080/TCP
TargetPort:               8080/TCP
NodePort:                 <unset>  30977/TCP
Endpoints:                192.168.243.180:8080,192.168.243.189:8080
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none

[user@k8s-master-01 ~]$kubectl cluster-info
Kubernetes control plane is running at https://k8s-endpoint.example.org:6443
CoreDNS is running at https://k8s-endpoint.example.org:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

user@k8s-master-01 ~]$ curl https://k8s-endpoint.example.org:30977
curl: (7) Failed to connect to k8s-endpoint.example.org port 30977: Connection refused

user@k8s-master-01 ~]$ curl 127.0.0.1:30977
curl: (7) Failed to connect to 127.0.0.1 port 30977: Connection refused

It is the same when i am on the worker node. I have no open port 30977 on both nodes. I checked that with 'netstat'

So i have done the same on an eks to check this in a fast way. The result is the same.

Something went wrong here, do i need a load-balancer? Or is there something else missing that the learners should find out for themselves? In other labs I had the impression a few times that you were installing something like that, I can't find the problem here.

oleksazhel

@reactivan You simply didn't change port from 8080 to 80 -- that's why you don't have access via NodePort (nginx itself doesn't listen on 8080). See lab 9.1 p13.

You can't see that port is listening via netstat, because it is routed via iptables.

leopastorsdg

Hello @reactivan

On Lab Exercise 9.2, it is expected that we use curl with HTTP protocol, not HTTPS. On the other hand, it is important to use "http://" on your command (not only IP address).

Have you tried "curl http://:NodePort"?

Leo

reactivan

At fiist, sorry for the double post, i had problems with the markdown for the code examples. When I left the forum I thought it was only one post.

I have not tried your command curl http://:30977 -but i tried it now for fun, it doesn't work. Also these::

curl http://k8s-endpoint.example.org:30977
curl http://k8s-endpoint:30977
curl http://k8s-master-01:30977
curl http://k8s-worker-01:30977
curl http://k8s-master-01.example.org:30977
curl http://k8s-worker-01.example.org:30977
curl http://127.0.0.1:30977

curl: (7) Failed to connect to * 30977: Connection refused
It doesnt't work for me.

As i say before, i checked with netstat on both nodes:

# netstat -tulpn
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:10257         0.0.0.0:*               LISTEN      1693/kube-controlle
tcp        0      0 0.0.0.0:179             0.0.0.0:*               LISTEN      2541/bird
tcp        0      0 127.0.0.1:10259         0.0.0.0:*               LISTEN      1713/kube-scheduler
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      757/sshd
tcp        0      0 127.0.0.1:41383         0.0.0.0:*               LISTEN      761/containerd
tcp        0      0 127.0.0.1:10248         0.0.0.0:*               LISTEN      981/kubelet
...

there is no open Port 30977

reactivan

It works now with a simpler setup:

kubectl run echoserver --image=k8s.gcr.io/echoserver:1.10 --restart=Never --port=8080 -l app=echoserver
kubectl create service nodeport echoserver --tcp=5005:8080

This works with all commands like:

curl http://k8s-endpoint.example.org:31861
curl k8s-endpoint:31861
curl 192.168.99.200:31861

But i have to understand that i can't see the nodeport 31861 with netstat.

reactivan

@oleksazhel said:
@reactivan You simply didn't change port from 8080 to 80 -- that's why you don't have access via NodePort (nginx itself doesn't listen on 8080). See lab 9.1 p13.

You can't see that port is listening via netstat, because it is routed via iptables.

now I started again with 8.1 and understood the whole thing. Many Thanks!