Problem with Exercise 3.3: Access from Outside the Cluster
Please check this status :
esudbat@kube-master:~$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 40d
nginx LoadBalancer 10.106.224.107 <pending> 80:30619/TCP 26m
Step 6 : External access via the public IP and port doesnt work.
Any suggestion ?
Comments
-
Using GCE :
Definitely this interface is too slow and almost wastage of time- I wish LF moves to Slack- otherwise this is too slow and not so useful :
Here is my output :
esudbat@kube-master:~$ kubectl get svc nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx LoadBalancer 10.106.224.107 <pending> 80:30619/TCP 4d
esudbat@kube-master:~$ curl 104.196.99.153:30619
^C
esudbat@kube-master:~$ kubectl get svc nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx LoadBalancer 10.106.224.107 <pending> 80:30619/TCP 4d
esudbat@kube-master:~$ curl 10.106.224.107:8080
^C
esudbat@kube-master:~$ curl 10.106.224.107:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p><truncated>
esudbat@node1:~$ sudo iptables -A INPUT -p tcp --dport 30619 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
esudbat@node1:~$ sudo iptables -A OUTPUT -p tcp --sport 30619 -m conntrack --ctstate ESTABLISHED -j ACCEPTesudbat@kube-master:~$ curl 104.196.99.153:30619
Keeps waiting - no response here....
LinuxFoundation Guide is not user-friendly.
0 -
Hi, I also use GCE for the labs in this course. I remember having a similar issue with the access from outside the cluster, and after a little bit of google-shooting
I realized it was a GCE firewall issue. I added another firewall rule and after that I was able to complete the exercise. Hope this helps.Good luck!
-Chris
0 -
Yes I did that- I suppose you are referring this link.
https://cloud.google.com/compute/docs/tutorials/basic-webserver-apache
And also tested using a different VM with webserver- that all works. But still couldnt figure out the issue..
I tried flushing all the iptables , still doesnt work, strange. I think there is some firewall issue locally on the node vm- which I am unable to decipher.
0 -
Ok - I added an allow-all firewall rule to allow all trafffic from 0.0.0.0/0, and now it did work. Thanks.
0 -
I am able to curl from within all the GCE network but the external access doesnt seem to be working.
esudbat@node1:~$ curl 35.231.45.60:30438
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>I tried the same rules on the GCE, allow-all but strangely cant access from outside.
chrispokorni , Can you confirm the rules you created in GCE ? To allow all or a particular port.
0 -
For simplicity, I created a rule to allow all tcp traffic (rather than allowing a specific port), and only then I was able to access from the outside on the [nodeIP]:[nodePort], and I verified access on all running nodes.
-Chris
PS: The new rule I created was in the same project where my nodes were (in my case a custom project created only for the purpose of lfs258 where I run all the master/worker nodes)
0 -
The issue is definitely due to the corporate firewall. I tested it outside the corporate network and it worked.
0
Categories
- All Categories
- 177 LFX Mentorship
- 177 LFX Mentorship: Linux Kernel
- 750 Linux Foundation IT Professional Programs
- 373 Cloud Engineer IT Professional Program
- 169 Advanced Cloud Engineer IT Professional Program
- 74 DevOps IT Professional Program - Discontinued
- 4 DevOps & GitOps IT Professional Program
- 99 Cloud Native Developer IT Professional Program
- 7.6K Training Courses & Learning Paths
- 1 AI & ML Training
- 1 Blockchain & Decentralized Identity Training
- 4 Cloud & Containers Training
- 1 Cybersecurity Training
- 2 DevOps & Site-Reliability Training
- 1 Linux Kernel Development Training
- 1 Networking Training
- 2 Open Source Best Practice Training
- 1 System Administration Training
- 1 System Engineering Training
- 1 Web & Application Development Training
- 792 Hardware
- 202 Drivers
- 68 I/O Devices
- 37 Monitors
- 95 Multimedia
- 173 Networking
- 91 Printers & Scanners
- 87 Storage
- 769 Linux Distributions
- 81 Debian
- 68 Fedora
- 22 Linux Mint
- 13 Mageia
- 24 openSUSE
- 150 Red Hat Enterprise
- 31 Slackware
- 13 SUSE Enterprise
- 356 Ubuntu
- 465 Linux System Administration
- 31 Cloud Computing
- 73 Command Line/Scripting
- Github systems admin projects
- 98 Linux Security
- 78 Network Management
- 101 System Management
- 46 Web Management
- 106 Mobile Computing
- 18 Android
- 73 Development
- 1.2K New to Linux
- 1K Getting Started with Linux
- 392 Off Topic
- 121 Introductions
- 181 Small Talk
- 29 Study Material
- 955 Programming and Development
- 310 Kernel Development
- 627 Software Development
- 983 Software
- 375 Applications
- 182 Command Line
- 5 Compiling/Installing
- 68 Games
- 317 Installation
- Archived
- 2 LFD140 Class Forum
- 1.4K LFS258 Class Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)