Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to access a NodePort service from outside #18513

Open
nicolasduminil opened this issue Mar 26, 2024 · 14 comments
Open

Unable to access a NodePort service from outside #18513

nicolasduminil opened this issue Mar 26, 2024 · 14 comments
Assignees
@kundan2707
Labels
sig/network Categorizes an issue or PR as relevant to SIG Network.

Comments

@nicolasduminil
Copy link

nicolasduminil commented Mar 26, 2024
edited
Loading

What Happened?

In an Undertow web server, I deployed a simple HTTP listener which just returns a text to the caller. I'm running this server in a Minikube pod. I've created the associated deployment and I exposed it as a NodePort service. This service should be accessible from outside at both the CLUSTER-IP and the node IP address. But it isn't. It's only accessible from within the pod. Here is what I did:

# Create a deployment
$ kubectl create deployment undertow-dep --image nicolasduminil/undertow:latest 
# Check the deployment
$kubectl get deployments
NAME                READY   UP-TO-DATE   AVAILABLE   AGE
undertow-dep   1/1                    1                 1             11m 
# Check the pods
$ kubectl get pods
                     NAME                            READY   STATUS    RESTARTS   AGE
undertow-dep-559bd54788-5zznz   1/1     Running          0          13m
# Expose the deployment as a NodePort service
$ kubectl expose deployment undertow-dep --type=NodePort --name=undertow-np --port 8080
# Check the NodePort service
$ kubectl get svc
NAME                 TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)                AGE
kubernetes    ClusterIP       10.96.0.1          <none>        443/TCP                 16m
undertow-np   NodePort    10.111.62.34   <none>        8080:31158/TCP   15m
# Check the nose IP address
$ kubectl describe pod undertow-dep-559bd54788-5zznz
Name:             undertow-dep-559bd54788-5zznz
Namespace:        default
Priority:         0
Service Account:  default
Node:             minikube/192.168.49.2
Start Time:       Tue, 26 Mar 2024 18:27:15 +0100
Labels:           app=undertow-dep
              pod-template-hash=559bd54788
Annotations:      <none>
Status:           Running
IP:               10.244.0.3
IPs:
  IP:           10.244.0.3
Controlled By:  ReplicaSet/undertow-dep-559bd54788
Containers:
  undertow:
    Container ID:   docker://9c0edb7b2e5c186b324062f9ac28f4ad220414143379fda6f5d69507f1a4afc5
    Image:          nicolasduminil/undertow:latest
    Image ID:       docker-pullable://nicolasduminil/undertow@sha256:f4ac6bf51c9f9514077bcea8904f9df1bc59ff4f595e53f4718a1ec160beaa28
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Tue, 26 Mar 2024 18:27:21 +0100
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-fmmss (ro)
Conditions:
  Type              Status
 Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  kube-api-access-fmmss:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                         node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  93s   default-scheduler  Successfully assigned default/undertow-dep-559bd54788-5zznz to minikube
  Normal  Pulling    93s   kubelet            Pulling image "nicolasduminil/undertow:latest"
  Normal  Pulled     88s   kubelet            Successfully pulled image "nicolasduminil/undertow:latest" in 5.005s (5.005s including waiting)
  Normal  Created    88s   kubelet            Created container undertow
  Normal  Started    87s   kubelet            Started container undertow

Now the service should be accessible from my box at both 10.111.62.34:8080 and 10.244.0.3:31158, but is isn't.
However, the following works as expected:

$ kubectl exec undertow-dep-559bd54788-5zznz -- curl http://10.244.0.3:8080

What did I miss here ?

Many thanks in advance for your help and support.

Attach the log file

log.txt

Operating System

Ubuntu

Driver

Docker
@pranav-pandey0804
Copy link

/sig network

@k8s-ci-robot k8s-ci-robot added the sig/network Categorizes an issue or PR as relevant to SIG Network. label Mar 27, 2024
@kundan2707
Copy link
Contributor

/assign

@nicolasduminil
Copy link
Author

Anyone ?

@kundan2707
Copy link
Contributor

@nicolasduminil can you share outcome of following command
minikube service undertow-np --url

@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jul 11, 2024
@kundan2707
Copy link
Contributor

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jul 11, 2024
@kundan2707
Copy link
Contributor

@nicolasduminil gentle reminder

@nicolasduminil
Copy link
Author

@kundan2707

❌ Exiting due to SVC_NOT_FOUND: Service 'undertow' was not found in 'p' namespace.
You may select another namespace by using 'minikube service undertow -n '. Or list out all the services using 'minikube service list'

@kundan2707
Copy link
Contributor

@nicolasduminil it seems you kep space between undertow and -np so its is searching in p namespace.
keep complete name undertow-np all together

@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Oct 30, 2024
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle rotten
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Nov 29, 2024
@kundan2707
Copy link
Contributor

/remove-lifecycle rotten

@k8s-ci-robot k8s-ci-robot removed the lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. label Dec 7, 2024
@kundan2707
Copy link
Contributor

@nicolasduminil have you tried again as suggested?

@envyst
Copy link

envyst commented Jan 11, 2025

@nicolasduminil can you share outcome of following command minikube service undertow-np --url

i have a similar case. i use minikube for learning purpose and this solve my problem when using NodePort.
Thanks a lot

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kundan2707 kundan2707

Labels
sig/network Categorizes an issue or PR as relevant to SIG Network.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@nicolasduminil @k8s-ci-robot @k8s-triage-robot @kundan2707 @envyst @pranav-pandey0804