kube-proxy

NodePort services not available on all nodes

时光总嘲笑我的痴心妄想 提交于 2020-02-22 05:15:41
问题 I'm attempting to run a 3-node Kubernetes cluster. I have the cluster up and running sufficiently that I have services running on different nodes. Unfortunately, I don't seem to be able to get NodePort based services to work correctly (as I understand correctness anyway...). My issue is that any NodePort services I define are available externally only on the node where their pod is running, and my understanding is that they should be available externally on any node in the cluster. One

NodePort services not available on all nodes

假如想象 提交于 2020-02-22 05:14:06
问题 I'm attempting to run a 3-node Kubernetes cluster. I have the cluster up and running sufficiently that I have services running on different nodes. Unfortunately, I don't seem to be able to get NodePort based services to work correctly (as I understand correctness anyway...). My issue is that any NodePort services I define are available externally only on the node where their pod is running, and my understanding is that they should be available externally on any node in the cluster. One

NodePort services not available on all nodes

我们两清 提交于 2020-02-22 05:13:05
问题 I'm attempting to run a 3-node Kubernetes cluster. I have the cluster up and running sufficiently that I have services running on different nodes. Unfortunately, I don't seem to be able to get NodePort based services to work correctly (as I understand correctness anyway...). My issue is that any NodePort services I define are available externally only on the node where their pod is running, and my understanding is that they should be available externally on any node in the cluster. One

Terraform external data in metadata_startup_script

痞子三分冷 提交于 2020-01-06 06:36:27
问题 I'm going to parsing a token value from other .tf file into other .tf file I have tried to understand this link and also from this article data.tf data "external" "get_token" { program = ["/bin/sh", "${path.module}/get-token.sh"] } get-token.sh #!/bin/bash token=$(kubectl -n kube-system exec [POD_NAME] cat /var/lib/kube-proxy/kubeconfig 2>/dev/null | grep token | awk '{print $2}' proxy.tf ... metadata_startup_script = <<-EOT - name: kube-proxy user: token: ${lookup(data.external.get_token

Terraform external data in metadata_startup_script

喜夏-厌秋 提交于 2020-01-06 06:36:14
问题 I'm going to parsing a token value from other .tf file into other .tf file I have tried to understand this link and also from this article data.tf data "external" "get_token" { program = ["/bin/sh", "${path.module}/get-token.sh"] } get-token.sh #!/bin/bash token=$(kubectl -n kube-system exec [POD_NAME] cat /var/lib/kube-proxy/kubeconfig 2>/dev/null | grep token | awk '{print $2}' proxy.tf ... metadata_startup_script = <<-EOT - name: kube-proxy user: token: ${lookup(data.external.get_token

kube-proxy in iptables mode is not working

a 夏天 提交于 2019-12-22 06:26:31
问题 I have Kubernetes: v.1.1.1 iptables v1.4.21 kernel: 4.2.0-18-generic which come with Ubuntu wily Networking is done via L2 VLAN terminated on switch no cloud provider what I do I'm experimenting with iptables mode for kube-proxy. I have enabled it with --proxy_mode=iptables argument. It seems some rule is missing: iptables -t nat -nvL Chain PREROUTING (policy ACCEPT 8 packets, 459 bytes) pkts bytes target prot opt in out source destination 2116 120K KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0

kube-proxy in iptables mode is not working

有些话、适合烂在心里 提交于 2019-12-22 06:26:23
问题 I have Kubernetes: v.1.1.1 iptables v1.4.21 kernel: 4.2.0-18-generic which come with Ubuntu wily Networking is done via L2 VLAN terminated on switch no cloud provider what I do I'm experimenting with iptables mode for kube-proxy. I have enabled it with --proxy_mode=iptables argument. It seems some rule is missing: iptables -t nat -nvL Chain PREROUTING (policy ACCEPT 8 packets, 459 bytes) pkts bytes target prot opt in out source destination 2116 120K KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0

How to debug error in kube-proxy: Connection reset by peer

依然范特西╮ 提交于 2019-12-10 19:05:57
问题 I got errors in my kube-proxy: E0107 21:48:57.738867 1 proxysocket.go:160] I/O error: read tcp 10.2.11.253:37568: connection reset by peer How can I trace quickly which pod has IP 10.2.11.253 ? And how can I know which request that was, from which pod to which pod? Or can we change the kube-proxy log level to verbose or debug? I got another errors, same connection reset error, but the IP is a node's IP E0107 21:52:53.483363 1 proxysocket.go:160] I/O error: read tcp 192.168.166.180:11732:

kube-proxy in iptables mode is not working

荒凉一梦 提交于 2019-12-05 09:16:31
I have Kubernetes: v.1.1.1 iptables v1.4.21 kernel: 4.2.0-18-generic which come with Ubuntu wily Networking is done via L2 VLAN terminated on switch no cloud provider what I do I'm experimenting with iptables mode for kube-proxy. I have enabled it with --proxy_mode=iptables argument. It seems some rule is missing: iptables -t nat -nvL Chain PREROUTING (policy ACCEPT 8 packets, 459 bytes) pkts bytes target prot opt in out source destination 2116 120K KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service portals */ Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target

What does userspace mode means in kube-proxy's proxy mode?

孤人 提交于 2019-12-03 18:40:43
问题 kube-proxy has an option called --proxy-mode,and according to the help message, this option can be userspace or iptables .(See below) # kube-proxy -h Usage of kube-proxy: ... --proxy-mode="": Which proxy mode to use: 'userspace' (older, stable) or 'iptables' (experimental). If blank, look at the Node object on the Kubernetes API and respect the 'net.experimental.kubernetes.io/proxy-mode' annotation if provided. Otherwise use the best-available proxy (currently userspace, but may change in
订阅 kube-proxy