0

I have a cluster setup locally. I have configure ingress controller with traefik v2.2. I have deployed my application and configured the ingress. Ingress service will query the clusterIP. I have configured my DNS with the A record of master node. Now the problem is i am unable to access the application through ingress when the A record is set to master node. I have accessed the shell of ingress controller pod in all the and tried to curl the clusterIP. I cannot get response from the pod in master node but the pods in worker node give me the response i want. Also I can access my application with A record is set to any of the worker node. I have tried to disable my firewalld service and tried but its same. Did i miss anything while configuring?

Note: I have spin off my cluster with kubeadm.

Thank You.

Susanta Gautam
  • 149
  • 1
  • 1
  • 7
  • The master node has the control plane APIs. Your application and the ingress is running on the worker nodes. If you have only one worker node, the dns record must point to that node address. If you have multiple, you need a loadbalancer in front of your workers, and add the balancer address to dns. You also have to figure out what port the ingress is accessible at. – Burak Serdar Apr 23 '20 at 17:57
  • @BurakSerdar Thank you for your suggestion. But what confuse me is i have another test cluster where i can access using the ip of master node too. Can you tell me exactly what is the reason that i cannot access the address of master node. Also i should have been able to curl the clusterIp from the master node but i am not. I have read that every pod will be able to access each other through kube proxy. – Susanta Gautam Apr 23 '20 at 18:09
  • Are you trying to access the master node k8s APIs or the application? You should be able to access the k8s apis unless there's firewall limiting your access. How is your ingress configured? Is it using a nodeport? is that nodeport open on the master as well? – Burak Serdar Apr 23 '20 at 18:12
  • I have configured my ingress as daemonset with hostnetwork. I am trying to access the application. I can access the traefik dashboard from the master node IP fine. But i am unable to access any application with in pod that are not in master node through ingress. But if i use address of any worker node i can access them through ingress. – Susanta Gautam Apr 23 '20 at 18:17
  • It sounds like you cannot talk to pods from your master node. – Burak Serdar Apr 23 '20 at 18:24
  • Yes. That's exactly what is happening. Do you have any idea what might have been the issue here? – Susanta Gautam Apr 23 '20 at 18:33
  • Can't say. But if I were you I'd start from the routing tables and the iptables of the master node and go from there – Burak Serdar Apr 23 '20 at 18:48
  • Yes. I am missing the route for the weave in my routing table. Do you have any idea how to add the route for it? – Susanta Gautam Apr 23 '20 at 18:55
  • I'd expect the control plane would manage that. Do you have pod network cidr set? – Burak Serdar Apr 23 '20 at 19:11
  • yes. 10.244.0.0/16 this is my pod network cidr. I have rebooted my master node. But the route seems not to be addes – Susanta Gautam Apr 23 '20 at 19:14
  • Try adding it manually, see if it solves it. – Burak Serdar Apr 23 '20 at 19:20
  • how many worker nodes do you have? is node to node; worker to worker communication working fine? where is it running; locally? is you pod network overlapping with your host network? – suren Apr 23 '20 at 22:04
  • @suren i have 1 master node and 3 worker node. Yes All is working fine except the from the pods in master node. The issue seems to be i have somehow lost the route added by weave cni in my master node. – Susanta Gautam Apr 24 '20 at 06:24
  • Did you try to run a pod in the master node and from this pod try to reach other pods in the worker nodes? You can use `dnsutils` image to perfom this test as described [here](https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/). Additionally, post you ingress yaml and the output of the commands `kubectl get svc`, `kubectl get ing` and verify if there are some error in nginx or kubelet logs. – Mr.KoopaKiller Apr 24 '20 at 09:13
  • @KoopaKiller Yes. I have checked everything and i have found the issue that i am missing the route added by weave cni in my master node. I have tried to add the route but it still did not solve the issue? will i need to reinstall the CNI for it? – Susanta Gautam Apr 26 '20 at 04:38
  • Did you try to apply the CNI configuration again? How did you applied that? – Mr.KoopaKiller Apr 28 '20 at 13:45
  • @KoopaKiller i deleted the routes from all nodes, deleted the files generated by cni in /etc/cni and then i again applied the cni plugin again. – Susanta Gautam May 04 '20 at 10:59

0 Answers0