Reputation: 2376
Kubernetes: All proxying not working
So I have a service like as follow:
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "monitoring-grafana",
"namespace": "kube-system",
"selfLink": "/api/v1/namespaces/kube-system/services/monitoring-grafana",
"uid": "be0f72b2-c482-11e5-a22c-fa163ebc1085",
"resourceVersion": "143360",
"creationTimestamp": "2016-01-26T23:15:51Z",
"labels": {
"kubernetes.io/cluster-service": "true",
"kubernetes.io/name": "monitoring-grafana"
}
},
"spec": {
"ports": [
{
"protocol": "TCP",
"port": 80,
"targetPort": 3000,
"nodePort": 0
}
],
"selector": {
"name": "influxGrafana"
},
"clusterIP": "192.168.182.76",
"type": "ClusterIP",
"sessionAffinity": "None"
},
"status": {
"loadBalancer": {}
}
However, whenever I try to access it through the proxy API, it always fails with this response.
http://10.32.10.44:8080/api/v1/proxy/namespaces/kube-system/services/monitoring-grafana/
Error: 'dial tcp 192.168.182.132:3000: getsockopt: no route to host'
Trying to reach: 'http://192.168.182.132:3000/'
It happens on all of my services also, not just the one posted.
What could be going wrong? Is something not installed?
Upvotes: 1
Views: 1505
Answers (2)
Reputation: 37126
In my case I didn't realize that I have active firewall that was simply preventing access to the ports needed by kubernetes. Quick and crude solution is to run systemctl stop firewalld on the master and all minion nodes and of course you can just open ports needed instead
Upvotes: 0
Reputation: 2762
Looking at the error you posted it seems like the traffic can not be routed from your master to the Docker subnet of your node. The easiest way to validate this is to open a shell on your master and perform a request on your podIP:daemonPort: curl -I http://192.168.182.132:3000
Each node in your cluster should be able to communicate with every other node, and every Docker subnet should be routable. For most deployments you will need to setup an extra network fabric to make this happen, like flannel or Weave.
Take a look at Getting started from Scratch >> Network
Something else is funny. The cluster IP used by your service (192.168.182.76) and the pod IP of the endpoint (192.168.182.132) seem to be in the same subnet. However you need 3 different subnets:
- one for the hosts
- one for the Docker bridges (
--bipflag of Docker) - one for the service (
--service-cluster-ip-range=of the API server)
Upvotes: 2
Related Questions
- Is there anyone to get dynamic env value in seprate pod kubernetes k3s
- Can't resolve 'kubernetes' by skydns service in Kubernetes
- Why does Google Cloud show an error when using ClusterIP
- How do I access this Kubernetes service via kubectl proxy?
- not getting kibana gui outside kubernetes
- Accessing a remote kubernetes cluster with grafana
- Kubernetes API proxy for HTTPS endpoints
- Unable to access Grafana UI on Kubernetes
- requests.get(url) return error code 404 from kubernetes api while the response could be get via curl/GET
- How to make a service can access via the service proxy running at the master in kubernetes