skip to Main Content

Following the example on kubernetes.io I’m trying to connect to an external IP from within the cluster (and i need some port proxy, so not ExternalName service). However it is not working. This is the response I’m expecting

ubuntu:/opt$ curl http://216.58.208.110:80
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>

if I use the following config

apiVersion: discovery.k8s.io/v1
kind: EndpointSlice
metadata:
  name: my-service-1
  labels:
    kubernetes.io/service-name: my-service
addressType: IPv4
ports:
  - name: http
    appProtocol: http
    protocol: TCP 
    port: 80
endpoints:
  - addresses:
      - "216.58.208.110"
---
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  ports:
    - protocol: TCP 
      port: 8888
      targetPort: 80

I expect the following command to get same result:

minikube kubectl -- run -it --rm --restart=Never curl --image=curlimages/curl curl -- my-service:8888

but I get nothing.
if I start an debian image with

minikube kubectl -- run -it --rm --restart=Never debian --image=debian:latest

then

apt update && apt install dnsutils curl -y && nslookup my-service && curl my-service:8888

gives

Server:     10.96.0.10
Address:    10.96.0.10#53

Name:   my-service.default.svc.cluster.local
Address: 10.111.116.160
curl: (28) Failed to connect to my-service port 8888: Connection timed out

Am i missing something? or is it not supposed to work this way?

2

Answers


  1. Chosen as BEST ANSWER

    After some trial and error it seem that if ports[0].name = http is set for the endpointslice it stops working.

    it stops working for when for the service spec.ports[0].targetPort is set to 80 or http as well.

    (it does work when ports[0].name = '')

    Further investing shows that it works if:

    for service

    spec:
      ports:
      - port: 8888
        name: http
        targetPort: http
    

    for endpointslice

    ports:
      - port: 80
        name: http
    

    I guess if you want to name them both the service and the endpointslice have to have corresponding .name values.


  2. As per the first curl response i can see 301 Moved error which is used for permanent URL redirection.Current links using the URL that the response is received for should be updated. try to use https:// in your link.

    The cURL error 28: Operation timed out error indicates that the server was unable to download the
    . zip file containing the new files before it reached your server’s connection timeout limit.

    Refer to this Doc for more information.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search