Comments (3)
shettyg
commented on July 21, 2024
Couple of things.
-
Can you try accessing 10.10.0.11:31269 from outside of your cluster (say from your host and not from VMs). Since in the vagrant we share the same IP for mgmt as well as data, access of it from inside the cluster does not work.
-
In your case of sshing into "apachetwin" and accessing curl 192.168.200.252:8800, you are effectively asking to loadbalance back to yourself, which won't work. You can create
a) Try to access 'curl 192.168.200.252:8800' from a k8s-master (or other VMs). Try to access 'curl 192.168.200.98:8800' from the VMs too.
b) Create a new pod (unrelated to the service) and try to access 'curl 192.168.200.98:8800' from it.
from ovn-kubernetes.
gopinatht
commented on July 21, 2024
@shettyg Many thanks for the explanation. Both your scenarios (from host and service IP from VM) work.
We can close this case.
I am interested in understanding how the kubernetes service IP is accessible from the VM. Is there any documentation around this? Also, why are the Pods not able to reach the internet? How can I program the switch to allow access to internet for the pods?
from ovn-kubernetes.
shettyg
commented on July 21, 2024
I am interested in understanding how the kubernetes service IP is accessible from the VM.
When we initialize the setup by running, "ovn-k8s-overlay master-init" or "ovn-k8s-overlay minion-init", we create a OVS interface on that VM which and give it a IP address. For e.g., If you run
ovn-k8s-overlay master-init \
--cluster-ip-subnet="192.168.0.0/16" \
--master-switch-subnet="192.168.1.0/24" \
--node-name="kube-master"
We create a OVS device (a logical switch port in the virtual world) on "kube-master" with IP 192.168.1.2/24 and add a routing entry on host that says 192.168.0.0/16 is reachable from 192.168.1.2/24 via 192.168.1.1. That is how you can access service IPs from inside the nodes.
Also, why are the Pods not able to reach the internet?
That is because in the vagrant, the interface via which we add nodeport is not connected to the internet. It is private. If you create the same setup in real world where the interface that we provide for OVN gateways in 'ovn-k8s-overlay gateway-init' (on which we program nodeport) has reachability for outside internet, it will automatically work.
from ovn-kubernetes.
Related Issues (20)
- node deletion results stale lsps and IP leaking on layer2/localnet networks HOT 1
- UT Flake: `handles a HO node is switched to a OVN node` is flaking HOT 3
- Flake e2e: ACL Logging for NetworkPolicy when the namespace's ACL logging annotation is updated
- Load Balancer Service Tests with MetalLB [It] Should ensure load balancer service works with 0 node ports when ETP=local
- Cleanup Hardware Offload docs
- Cleanup DPU Support/Acceleration docs
- Cleanup Kubevirt Live Migration docs HOT 2
- Cleanup MultiNetworking Docs HOT 1
- Cleanup DNS name resolver docs HOT 1
- Add proper docs for observability, grafana dashboards, metrics
- Fix the PR labeler action
- FLAKE: External Gateway With Admin Policy Based External Route CRs e2e multiple external gateway validation Should validate ICMP connectivity to multiple external gateways for an ECMP scenario IPV4 HOT 1
- Flake: should work on secondary node interfaces for ETP=local and ETP=cluster when backend pods are also served by EgressIP HOT 2
- ovn-kube-f and ovn-kube-u image renaming was incomplete HOT 1
- Support EgressIP for user defined networks
- Flake: [FAIL] External Gateway With Admin Policy Based External Route CRs e2e non-vxlan external gateway through a gateway pod Should validate ICMP connectivity to an external gateway's loopback address via a gateway pod [It] ipv4 HOT 2
- [FAIL] e2e egress firewall policy validation with external containers [It] Should validate the egress firewall policy functionality for allowed IP HOT 6
- Upgrades tests operation cancelled
- e2e EgressQoS validation -- account for single stack cluster
- Transit switch subnet overlap check is missing HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ovn-kubernetes.