问题
I've installed kubernetes cluster with help of Kubespray. Cluster having 3 Nodes (2 Master & 1 Worker). node1 - 10.1.10.110, node2 - 10.1.10.111, node3 - 10.1.10.112
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
node1 Ready master 12d v1.18.5
node2 Ready master 12d v1.18.5
node3 Ready <none> 12d v1.18.5
I deployed this pod in node1 (10.1.10.110) and exposed nodeport service as shown.
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
default pod/httpd-deployment-598596ddfc-n56jq 1/1 Running 0 7d21h 10.233.64.15 node1 <none> <none>
---
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
default service/httpd-service NodePort 10.233.16.84 <none> 80:31520/TCP 12d app=httpd
Service description
$ kubectl describe services -n default httpd-service
Name: httpd-service
Namespace: default
Labels: <none>
Annotations: <none>
Selector: app=httpd
Type: NodePort
IP: 10.233.16.84
Port: <unset> 80/TCP
TargetPort: 80/TCP
NodePort: <unset> 31520/TCP
Endpoints: 10.233.64.15:80
Session Affinity: None
External Traffic Policy: Cluster
Question: I can able to access the service from node1:31520 (where the pod actually deployed) but can't able to access the same service from other nodes (node2:31520 (or) node3:31520)
$curl http://10.1.10.110:31520
<html><body><h1>It Works!</h1></body></html>
but if I curl with other node IP, timed out response
$curl http://10.1.10.111:31520
curl (7): Failed connect to 10.1.10.111; Connection timed out
$curl http://10.1.10.112:31520
curl (7): Failed connect to 10.1.10.112; Connection timed out
Can anyone suggest what I am missing ?
回答1:
Because you have only one pod on 10.1.10.110
Your curl is wrong, you didn't deploy a pod on 111 and 112 nodes, this is the reason that the endpoints aren't working. Just execute curl http://10.1.10.110:31520
on the other nodes and it will work
回答2:
Ideally you should be able to access a pod via NodePort using any of the nodes IP. If kube-proxy or CNI Plugin(calico etc) are not working properly in your cluster then it can cause the problem where pod is not reachable via a Nodes IP on which the Pod is not scheduled.
Check this related question kubernetes: cannot access NodePort from other machines
来源:https://stackoverflow.com/questions/62898469/why-i-cant-access-a-kubernetes-pod-from-other-nodes-ip