0

1 Master : 10.166.232.164 2 Worker : 10.166.232.165, 10.166.232.166

Deploy 3 replica pods for 2 worker nodes

Nodeport service

problem is i can access by curl podIP:8080

but

exec pod and access by clusterIP:Nodeport is not working

kubectl exec -it network-example2-84c98c7b4d-d7wnr /bin/bash -- curl 10.98.10.159:8080 => curl: (7) Failed to connect to 10.98.10.159 port 8080: Connection refused

kubectl exec -it network-example2-84c98c7b4d-d7wnr /bin/bash -- curl 10.98.10.159:23060 => no answer(maybe timeout error)

is it firewall problem..? or CNI..?

I'm using weave-net and no change any config

YoungDo Park
  • 21
  • 3

1 Answers1

1

A closer look to your screenshot indicate you have set externalTrafficPolicy to Local. Try:

curl 10.166.232.165:32060 or curl 10.166.232.166:32060

"Local" means only the node which has the pod running will response to you, otherwise your request will be drop. Change to "Cluster" if you wish all the nodes will response to you regardless if it has the pod running.

gohm'c
  • 13,492
  • 1
  • 9
  • 16
  • master node IP: 10.166.232.164 worker node IP : 10.166.232.165, 10.166.232.166 Nodeport : 32060 and curl 10.166.232.165:32060 => curl: (7) Failed to connect to 10.166.232.165 port 32060: Connection refused – YoungDo Park Jan 14 '22 at 04:38
  • Checkout the updated answer. – gohm'c Jan 14 '22 at 05:35
  • delete service, deployment and re apply that, then External Traffic Policy turns to be 'cluster' but still no reply with "kubectl exec -it network-example2-84c98c7b4d-d7wnr /bin/bash -- curl 10.109.161.92:32060" – YoungDo Park Jan 14 '22 at 06:38
  • `10.109.161.92` - this is not a node IP. You should curl **10.166.232.165**:32060 or **10.166.232.166**:32060 – gohm'c Jan 14 '22 at 07:04
  • it still has error, curl : (7) Failed to connect to 10.166.232.165:32060 : Connection refused is it related to "kube-proxy" logs like can't open port, skipping it err=listen tcp4 : 32060 bind : address already in use – YoungDo Park Jan 14 '22 at 07:14
  • Checkout the [answer](https://stackoverflow.com/a/70707316/14704799) in your other question. – gohm'c Jan 14 '22 at 07:33