Home > Software design >  cannot access external ip in minikube with EndpointSlice and Service
cannot access external ip in minikube with EndpointSlice and Service

Time:01-13

Following the example on kubernetes.io I'm trying to connect to an external IP from within the cluster (and i need some port proxy, so not ExternalName service). However it is not working. This is the response I'm expecting

ubuntu:/opt$ curl http://216.58.208.110:80
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>

if I use the following config

apiVersion: discovery.k8s.io/v1
kind: EndpointSlice
metadata:
  name: my-service-1
  labels:
    kubernetes.io/service-name: my-service
addressType: IPv4
ports:
  - name: http
    appProtocol: http
    protocol: TCP 
    port: 80
endpoints:
  - addresses:
      - "216.58.208.110"
---
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  ports:
    - protocol: TCP 
      port: 8888
      targetPort: 80

I expect the following command to get same result:

minikube kubectl -- run -it --rm --restart=Never curl --image=curlimages/curl curl -- my-service:8888

but I get nothing. if I start an debian image with

minikube kubectl -- run -it --rm --restart=Never debian --image=debian:latest

then

apt update && apt install dnsutils curl -y && nslookup my-service && curl my-service:8888

gives

Server:     10.96.0.10
Address:    10.96.0.10#53

Name:   my-service.default.svc.cluster.local
Address: 10.111.116.160
curl: (28) Failed to connect to my-service port 8888: Connection timed out

Am i missing something? or is it not supposed to work this way?

CodePudding user response:

After some trial and error it seem that if ports[0].name = http is set for the endpointslice it stops working.

it stops working for when for the service spec.ports[0].targetPort is set to 80 or http as well.

(it does work when ports[0].name = '')

Further investing shows that it works if:

for service

spec:
  ports:
  - port: 8888
    name: http
    targetPort: http

for endpointslice

ports:
  - port: 80
    name: http

I guess if you want to name them both the service and the endpointslice have to have corresponding .name values.

CodePudding user response:

As per the first curl response i can see 301 Moved error which is used for permanent URL redirection.Current links using the URL that the response is received for should be updated. try to use https:// in your link.

The cURL error 28: Operation timed out error indicates that the server was unable to download the . zip file containing the new files before it reached your server's connection timeout limit.

Refer to this Doc for more information.

  • Related