CentOS Question posted in
The official documentation can be found here.

Kubernetes pod in minikube can't access a service – CentOS

I can’t access a service from a pod, when I run the curl serviceIP:port command from my pod console, I get the following error:

root@strongswan-deployment-7bc4c96494-qmb46:/# curl -v 10.111.107.133:80
*   Trying 10.111.107.133:80...
* TCP_NODELAY set
* connect to 10.111.107.133 port 80 failed: Connection timed out
* Failed to connect to 10.111.107.133 port 80: Connection timed out
* Closing connection 0
curl: (28) Failed to connect to 10.111.107.133 port 80: Connection timed out

Here is my yaml file:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: strongswan-deployment
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: strongswan
  template:
    metadata:
      labels:
        app: strongswan
    spec:
      containers:
        - name: strongswan-container
          image: 192.168.39.1:5000/mystrongswan
          ports:
            - containerPort: 80
          command: ["/bin/bash", "-c", "--"]
          args: ["while true; do sleep 30; done;"]
          securityContext:
            privileged: true
      imagePullSecrets:
        - name: dockerregcred

---
apiVersion: v1
kind: Service
metadata:
  namespace: default
  name: strongswan-service
spec:
  selector:
    app: strongswan
  ports:
    - port: 80  # Port exposed to the cluster
      protocol: TCP
      targetPort: 80  # Port on which the pod listens

I tried with an Nginx pod and this time it works, I am able to connect to the Nginx service with the curl command.

I don’t see where the problem comes from, since it works for the Nginx pod. What I did wrong?

I use minikube :

user@user-ThinkCentre-M91p:~/minikube$ minikube version
minikube version: v1.20.0
commit: c61663e942ec43b20e8e70839dcca52e44cd85ae

EDIT

My second pod yaml file

apiVersion: apps/v1
kind: Deployment
metadata:
  name: godart-deployment
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: godart
  template:
    metadata:
      labels:
        app: godart
    spec:
      containers:
        - name: godart-container
          image: 192.168.39.1:5000/mygodart
          ports:
            - containerPort: 9020
      imagePullSecrets:
        - name: dockerregcred

---
apiVersion: v1
kind: Service
metadata:
  namespace: default
  name: godart-service
spec:
  selector:
    app: godart
  ports:
    - port: 9020  # Port exposed to the cluster
      protocol: TCP
      targetPort: 9020  # Port on which the pod listens

The error :

[root@godart-deployment-648fb8757c-6mscv /]# curl -v 10.104.206.191:9020
* About to connect() to 10.104.206.191 port 9020 (#0)
*   Trying 10.104.206.191...
* Connection timed out
* Failed connect to 10.104.206.191:9020; Connection timed out
* Closing connection 0
curl: (7) Failed connect to 10.104.206.191:9020; Connection timed out

the dockerfile :

FROM centos/systemd
ENV container docker
RUN yum -y update; yum clean all
RUN yum -y install systemd; yum clean all; 
(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); 
rm -f /lib/systemd/system/multi-user.target.wants/*;
rm -f /etc/systemd/system/*.wants/*;
rm -f /lib/systemd/system/local-fs.target.wants/*; 
rm -f /lib/systemd/system/sockets.target.wants/*udev*; 
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; 
rm -f /lib/systemd/system/basic.target.wants/*;
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ "/sys/fs/cgroup" ]

COPY /godart* /home


RUN yum install -y /home/GoDart-3.3-b10.el7.x86_64.rpm
RUN yum install -y /home/GoDartHmi-3.3-b10.el7.x86_64.rpm


CMD ["/usr/sbin/init"]

EDIT EDIT:

I solved my problem by adding a file that can respond to an http request, this is the file:

var http = require('http');

var handleRequest = function(request, response) {
  console.log('Received request for URL: ' + request.url);
  response.writeHead(200);
  response.end('Hello World!');
};
var www = http.createServer(handleRequest);
www.listen(9020, "0.0.0.0");

To make it work you must have a Node js environment installed.
Run the script with the command:node filename.js
And after that I am able to curl my services.

I don’t really understand why it works now, does anyone have an explanation ?

Thank you

Tags:

2

Answers


  1. 0

    Your strongswan-container container is using bash -c -- "while true; do sleep 30; done;" as command.

    The sleep command obviously does not listen to any port.

    When you try to curl your service on port 80, a TCP connection is attempted towards the Pod on port 80, but since there is no such port listening in the Pod the connection attempt fails.

    Login or Signup to reply.
  2. 0

    how can I fix this error without using the sleep command?

    If I good understand your question I know 2 solutions of your problem. First you can understand how work CrashLoopBackOff. Then you can change Container restart policy. The most important field should be: lastProbeTime. This means Timestamp of when the Pod condition was last probed.

    Second solution should be creating a readiness probe. You can read more about it also here.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search