Welcome to the Linux Foundation Forum!

11.2 Connection refused

Options
mcdueerkop
mcdueerkop Posts: 5
edited June 2023 in LFS258 Class Forum

Hi all,

When working through the labs 11.2 I was unable to curl the 404 from the nginx pods, I always got "connection refused".

Changing the following values additionally to those mentioned in instruction #4 will allow the ingress controler to use the host ports allowing for a connection from inside the local network.

hostPort:
   # -- Enable 'hostPort' or not
   enabled: true                        <---- change to true
   ports:
     # -- 'hostPort' http port
     http: 80
     # -- 'hostPort' https port
     https: 443

If you have already installed the helm chart and are troubleshooting the error you can change the value in the values.yaml file and upgrade the helm chart:

hlm upgrade myingress .

Your output should look something like this:

Release "myingress" has been upgraded. Happy Helming!
NAME: myingress
LAST DEPLOYED: Sat Jun 17 16:22:33 2023
NAMESPACE: default
STATUS: deployed
**REVISION: 2**
TEST SUITE: None
NOTES:
The ingress-nginx controller has been installed.
It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status by running 'kubectl --namespace default get services -o wide -w myingress-ingress-nginx-controller'

An example Ingress that makes use of the controller:
  apiVersion: networking.k8s.io/v1
  kind: Ingress
  metadata:
    name: example
    namespace: foo
  spec:
    ingressClassName: nginx
    rules:
      - host: www.example.com
        http:
          paths:
            - pathType: Prefix
              backend:
                service:
                  name: exampleService
                  port:
                    number: 80
              path: /
    # This section is only required if TLS is to be enabled for the Ingress
    tls:
      - hosts:
        - www.example.com
        secretName: example-tls

If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:

  apiVersion: v1
  kind: Secret
  metadata:
    name: example-tls
    namespace: foo
  data:
    tls.crt: <base64 encoded cert>
    tls.key: <base64 encoded key>
  type: kubernetes.io/tls

Addtionally
If you have not allowed pods to be secdualed on your cp please curl the server where the pods are running on (your worker node).

Hope this helps someone save time. :)

Categories

Upcoming Training