this is my service information

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE

k8s-demo NodePort 10.103.77.121 192.168.96.10 80:32236/TCP 24h

when I curl 192.168.96.10:32236,returns curl: (56) Recv failure: Connection reset by peer

but I can use minikube service command to access this service locally

configuration file below

apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2022-10-10T08:27:35Z"
  labels:
    app: k8s-demo
  name: k8s-demo
  namespace: default
  resourceVersion: "65370"
  uid: 9ccd2662-a3df-4e25-9691-3f6e3421d78b
spec:
  clusterIP: 10.103.77.121
  clusterIPs:
  - 10.103.77.121
  externalIPs:
  - 192.168.96.10
  externalTrafficPolicy: Cluster
  internalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - nodePort: 32236
    port: 80
    protocol: TCP
    targetPort: 8080
  selector:
    app: k8s-demo
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

I already set the externalIP and port for this service, but it seems didn't work, I wonder what's wrong with the configuration, thanks !!

CodePudding user response：

To have an external access to a NodePort service the node should have a public ip address assigned to it. 192.168.96.10 is a private ip address.

IANA has assigned the following 3 ip ranges for private network -

Address ranges to be use by private networks are:

    Class A: 10.0.0.0 to 10.255.255.255
    Class B: 172.16.0.0 to 172.31.255.255
    Class C: 192.168.0.0 to 192.168.255.255

Ref: https://www.ibm.com/docs/en/networkmanager/4.2.0?topic=translation-private-address-ranges

CodePudding user response：

In order to overcome this error curl: (56) Recv failure: Connection reset by peer Use below in yaml to access the internet and refer this SO Link

ipBlock:
        cidr: "0.0.0.0/0"
        except:
        - "10.0.0.0/8"
        - "172.16.0.0/12"
        - "192.168.0.0/16"

Or else check if there are any firewalls enabled, try to disable them and have a try.