Lab 8.1 routing issue
Hi all,
I deployed and exposed nginx-one, the pods landed on my second node (kube-worker-01) as expected
ubuntu@kube-ctrl-01:~/labs/8.1-service$ kubectl -n accounting describe pod nginx-one-755bd7c7d5-kq777
Name: nginx-one-755bd7c7d5-kq777
Namespace: accounting
Priority: 0
Node: kube-worker-01/10.20.0.5
Start Time: Thu, 28 May 2020 19:43:19 +0000
Labels: pod-template-hash=755bd7c7d5
system=secondary
Annotations: cni.projectcalico.org/podIP: 192.168.188.187/32
cni.projectcalico.org/podIPs: 192.168.188.187/32
Status: Running
IP: 192.168.188.187
However, curl from the control node does not work (since there is no route)
ubuntu@kube-ctrl-01:~/labs/8.1-service$ curl 192.168.188.187:80 curl: (7) Failed to connect to 192.168.188.187 port 80: Connection refused route -n 192.168.84.129 0.0.0.0 255.255.255.255 UH 0 0 0 cali8f6751be4be 192.168.84.130 0.0.0.0 255.255.255.255 UH 0 0 0 cali99d95d831c3 192.168.84.131 0.0.0.0 255.255.255.255 UH 0 0 0 calid152b729a3f
The pod itself if fine, I can curl it from the second node where it resides
ubuntu@kube-worker-01:~$ curl 192.168.188.187:80 <!DOCTYPE html> <html>
I would expect calico to handle inter-node communication via tunl0 interfaces, correct ?
Thanks and regards
Piotrek Z
Comments
-
Hi Piotrek,
Your situation is consistently reported in the forum, and it reflects the cluster's inability to route traffic between nodes, typically because of a firewall that is blocking specific ports. When there is an infrastructure firewall and/or even an OS firewall, Kubernetes will not be able to go around it. Kubernetes does not manage the infrastructure on your behalf, it only uses it as-is.
I would recommend revisiting your firewall rules. At the infrastructure level allow all ingress traffic from all sources, all protocols, to all ports, and at the nodes' OS level disable any firewall you may have running.
Regards,
-Chris0
Categories
- All Categories
- 177 LFX Mentorship
- 177 LFX Mentorship: Linux Kernel
- 750 Linux Foundation IT Professional Programs
- 373 Cloud Engineer IT Professional Program
- 169 Advanced Cloud Engineer IT Professional Program
- 74 DevOps IT Professional Program - Discontinued
- 4 DevOps & GitOps IT Professional Program
- 99 Cloud Native Developer IT Professional Program
- 7.6K Training Courses & Learning Paths
- 1 AI & ML Training
- 1 Blockchain & Decentralized Identity Training
- 4 Cloud & Containers Training
- 1 Cybersecurity Training
- 2 DevOps & Site-Reliability Training
- 1 Linux Kernel Development Training
- 1 Networking Training
- 2 Open Source Best Practice Training
- 1 System Administration Training
- 1 System Engineering Training
- 1 Web & Application Development Training
- 792 Hardware
- 202 Drivers
- 68 I/O Devices
- 37 Monitors
- 95 Multimedia
- 173 Networking
- 91 Printers & Scanners
- 87 Storage
- 769 Linux Distributions
- 81 Debian
- 68 Fedora
- 22 Linux Mint
- 13 Mageia
- 24 openSUSE
- 150 Red Hat Enterprise
- 31 Slackware
- 13 SUSE Enterprise
- 356 Ubuntu
- 465 Linux System Administration
- 31 Cloud Computing
- 73 Command Line/Scripting
- Github systems admin projects
- 98 Linux Security
- 78 Network Management
- 101 System Management
- 46 Web Management
- 106 Mobile Computing
- 18 Android
- 73 Development
- 1.2K New to Linux
- 1K Getting Started with Linux
- 392 Off Topic
- 121 Introductions
- 181 Small Talk
- 29 Study Material
- 955 Programming and Development
- 310 Kernel Development
- 627 Software Development
- 983 Software
- 375 Applications
- 182 Command Line
- 5 Compiling/Installing
- 68 Games
- 317 Installation
- Archived
- 2 LFD140 Class Forum
- 1.4K LFS258 Class Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)