Intro Kubernetes Chapter 3 Lab 3,4

bdkdavid

I set up a nginx in cluster;
ran

curl 10.99.142.249:80
curl 192.168.100.158:80
curl 10.200.125.2:80

it seem to hang not sure what is wrong

I created the lab environment on my local network
using HA proxy from lab 16.2

I am running kubectl from local machine
I also tried running it from worker node kworker03-test/192.168.100.158
Also a control plane node ...151

kubectl get po,ep,svc | grep nginx
pod/nginx-74d589986c-rpptl 1/1 Running 0 44m
endpoints/nginx 10.200.125.2:80 39m
service/nginx ClusterIP 10.99.142.249 80/TCP 39m

kubectl describe pod nginx | grep Node
Node: kworker03-test/192.168.100.158
Node-Selectors:

kubectl describe po nginx
Name: nginx-74d589986c-qvcq7
Namespace: default
Priority: 0
Node: kworker04-test/192.168.100.159
Start Time: Wed, 06 Jul 2022 12:43:15 -0700
Labels: app=nginx
pod-template-hash=74d589986c
Annotations: cni.projectcalico.org/containerID: 365213920a7dae68499ae1e8aeb26e3157769ef76127e5d08ac578671fca2a74
cni.projectcalico.org/podIP: 10.200.156.129/32
cni.projectcalico.org/podIPs: 10.200.156.129/32
Status: Running
IP: 10.200.156.129
IPs:
IP: 10.200.156.129
Controlled By: ReplicaSet/nginx-74d589986c
Containers:
nginx:
Container ID: containerd://cbe49e74874c0033672e466912573ebd0302556a2552a435fd069a8732ef4d3d
Image: nginx
Image ID: docker.io/library/nginx@sha256:10f14ffa93f8dedf1057897b745e5ac72ac5655c299dade0aa434c71557697ea
Port: 80/TCP
Host Port: 0/TCP
State: Running
Started: Wed, 06 Jul 2022 12:43:28 -0700
Ready: True
Restart Count: 0
Environment:
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-x5cdd (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
kube-api-access-x5cdd:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional:
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 117s default-scheduler Successfully assigned default/nginx-74d589986c-qvcq7 to kworker04-test
Normal Pulling 117s kubelet Pulling image "nginx"
Normal Pulled 105s kubelet Successfully pulled image "nginx" in 11.665512029s
Normal Created 105s kubelet Created container nginx
Normal Started 105s kubelet Started container nginx

bdkdavid

ok, deleted pod: it seems to work now

tested with:
kubectl exec --stdin --tty nginx-74d589986c-qvcq7 -- /bin/bash
From inside the container -pod
curl 10.200.156.129:80
curl 10.99.142.249:80
pod ip address works as expected

<!DOCTYPE html>


Welcome to nginx!

html { color-scheme: light dark; } body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; }

Welcome to nginx!

If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.

Thank you for using nginx.

then the control plane
curl 10.200.156.129:80
curl 10.99.142.249:80

bdkdavid

I am running a kubectl from local machine outside cluster
I created an ssh tunnel
ssh tunnel load_ip =ip_address_nginx_load_balancer_public
leave this open ssh -L 6443:localhost:6443 user@load_ip
open new terminal

I can run kubectl commands:
but it hangs when I run the curl commands

chrispokorni

Hi @bdkdavid,

In Lab Exercise 3.4 the assumption is that the kubectl CLI tool runs on a cluster node, having direct access to pod IP addresses and ClusterIP service addresses. In a typical scenario, where kubectl runs remotely on a system outside of the cluster, there is no direct access to pod IP addresses and to ClusterIP service addresses. However, by converting the service to a NodePort type, you should be able to curl to "NodeIP":"NodePort".

Regards,
-Chris

bdkdavid

I was able to determine the nodes that the nginx was running and it worked as you have mentioned.
I did not convert it to a nodeport in the yaml or any other method. Is there a reason for that?

chrispokorni

Hi @bdkdavid,

Exposing the application through a NodePort type service allows you to reach that application remotely via curl to "NodeIP":"NodePort"

Regards,
-Chris