java.net.SocketException in simple Kubernetes pod-CodePudding

TL;DR

java.net.SocketException: Network is unreachable (connect failed) in simple Kubernetes pod that can curl to the internet.

Short Description

I've setup a simple Job object in Kubernetes, which spawns a simple pod to use the Slack-Api to poll for a conversation history via slack.

Running this application locally or dockerized works like a charm. But when trying to execute it in Kubernetes I get a

java.net.SocketException: Network is unreachable (connect failed)
    at java.base/java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399)
    at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:242)
    at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224)
    at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
    at java.base/java.net.Socket.connect(Socket.java:609)
    at okhttp3.internal.platform.Platform.connectSocket(Platform.kt:120)

Kubernetes config

apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: my-app-job
spec:
  schedule: "*/1 * * * *"
  jobTemplate:
    spec:
      template:
        spec:
          containers:
            - name: name
              image: myimage
              imagePullPolicy: Always
              ports:
                - containerPort: 443
                  protocol: TCP
                - containerPort: 80
                  protocol: TCP
              env:
                - name: http_proxy
                  value: myproxy
                - name: https_proxy
                  value: myproxy
                - name: no_proxy
                  value: myproxy
          restartPolicy: OnFailure

Trying to debug what is happening, I noticed that I could curl something from my pod (so there's access to the public internet) but when I try to ping, i get Socket: Operation not permitted.

Eg:

bash-4.2$ ping www.google.com
ping: socket: Operation not permitted
bash-4.2$ curl -I www.google.com
HTTP/1.1 200 OK
content-type: text/html; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Wed, 29 Sep 2021 09:18:36 GMT
server: gws
x-xss-protection: 0
x-frame-options: SAMEORIGIN
expires: Wed, 29 Sep 2021 09:18:36 GMT
cache-control: private
set-cookie: XXXXXXXXXXX
expires=Thu, 31-Mar-2022 09:18:36 GMT; path=/; domain=.google.com; HttpOnly
x-cache: MISS from XXXXXXXXXXX
x-cache-lookup: MISS fXXXXXXXXX

bash-4.2$ command terminated with exit code 137

I believe that I'm missing some configuration. I tried opening a port with a NodePort service but I had no success. Any ideas how to debug this?

CodePudding user response：

Java does not inherit the proxy settings from the environment.

You need to specify the proxy using Java system properties

-Dhttp.proxyHost=locahost -Dhttp.proxyPort=9900