Can't access Kubernetes service using curl (GKE Autopilot)

Asked Nov 24 '22 at 13:28

Active Nov 24 '22 at 13:28

Viewed 203 times

I have created GKE Autopilot private and deployed Prometheus to it. I have Prometheus service in metrics namespace.

The problem is that I can access this service with kubectl port-forwarding command, but I can't access it with following setup:

execute kubectl proxy
execute curl http://localhost:8001/api/v1/namespaces/metrics/services/prometheus:80/proxy

Getting response:

{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {},
  "status": "Failure",
  "message": "error trying to reach service: dial tcp 10.115.128.78:9090: i/o timeout",
  "reason": "ServiceUnavailable",
  "code": 503
}

But the thing is that:

I can access other kubernetes API endpoints (curl http://localhost:8001/api/v1/namespaces/metrics/services for example)
On GKE Autopilot public cluster I can access this prometheus endpoint

So it seems that private GKE API blocks part of requests, most probably it is expected, but is there any way to overcome this restriction (maybe some GKE configuration needs to be changed)?

asked Nov 24 '22 at 13:28

Roman Kuzmin

Can't access Kubernetes service using curl (GKE Autopilot)

0 Answers0