Siemens-Healthineers / K2s

Kubernetes distribution for Windows & Linux workloads
https://siemens-healthineers.github.io/K2s/
MIT License

Failed to access internet in pod on hyper-v vm node #876

Open yanrunming opened 2 days ago

yanrunming commented 2 days ago

I want to deploy a TCP/UDP client on the win10 node. I have three nodes in the k2s cluster (v1.1.1): master, win10 worker (172.20.1.2), Jetson worker. The master and the win10 worker are in Hyper-V. I can't access the external network from pods on the win10 worker. At the same time, pods on the Jetson worker can.

```
# in pod (172.20.1.3) on win10 node, failed to access www.bing.com or its IP
curl www.bing.com

# in pod on jetson node, failed to access www.bing.com by domain name, but could access its IP
curl www.bing.com
curl: (6) could not resolve host: www.bing.com

curl 202.89.233.100 # could get its responses
```

I notice httpproxy's parameters contain "--allow-cidr 172.20.0.0/16", and according to the httpproxy doc the win10 node VM should have internet access.

krotz-dieter commented 2 days ago

Please use -x http://172.19.1.1:8181 for curl.

yanrunming commented 1 day ago

Thanks, dieter! Could httpproxy support general TCP/UDP traffic? I plan to deploy a DICOM node in a win pod, and it includes a TCP server and a TCP client.

krotz-dieter commented 1 day ago

K2s default is the offline use case. If in some pods internet connectivity is needed, then for http the http://172.19.1.1:8181/ needs to be used. For exposing raw TCP/IP like DICOM DIMSE I would recommend either to use the ingress nginx with https://github.com/kubernetes/ingress-nginx/blob/e8d81034b8f6b3308caac85280e4cf3d93baee1c/docs/user-guide/exposing-tcp-udp-services.md or a node port on the host exposing the DICOM functionality.

Just for info, we are also introducing an addon dicom which offers DICOM DIMSE and DICOMWeb, you see it already on branch 801-addons-dicom.

yanrunming commented 1 day ago

Hi, dieter. I am not sure if I made myself clear. My program is a TCP/UDP client and runs in a pod on the win worker node. Could ingress-nginx act as a TCP/UDP proxy, similar to http-proxy, letting pods access the external server? In this case, I didn't mean to expose the server in pods. I tested some situations. On the master NODE, I could run:

```
curl -x http://172.19.1.1:8181 www.bing.com
```

In the win-nanoserver-based POD on the win node, I cannot access the external network or even ping the http-proxy:

```
curl -x http://172.19.1.1:8181 www.bing.com # failed
ping 172.19.1.1 # failed
```

Thanks for your patience!

krotz-dieter commented 13 hours ago

Is your machine in a network where you have a proxy? Do you have NAT enabled for your VM? There could be multiple reasons why the connection cannot work; please send an invite for a meeting next week where we can look for the reason for the failure.
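
An added example, not part of the thread or the K2s project: a probe that checks each egress stage separately, so the symptoms reported above (name resolution failing in the Jetson pod, the proxy not reachable from the win10 pod) can be told apart. The proxy address is the one quoted in the thread; the function names, the port-80 target and the availability of a Python interpreter in the pod image are assumptions.

```python
import socket

# Proxy address quoted in the thread; all names below are illustrative.
K2S_PROXY = ("172.19.1.1", 8181)

def resolves(host):
    """True if the pod's resolver can turn the name into an address."""
    try:
        socket.getaddrinfo(host, 80)
        return True
    except socket.gaierror:
        return False

def tcp_reachable(addr, timeout=3.0):
    """True if a TCP connection to (host, port) can be opened."""
    try:
        with socket.create_connection(addr, timeout=timeout):
            return True
    except OSError:
        return False

def status_via_proxy(proxy, url, timeout=5.0):
    """Send an absolute-form GET (the request form curl -x uses for http://)
    and return the status code of the reply, or None if none arrived."""
    host = url.split("/")[2]
    request = f"GET {url} HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    try:
        with socket.create_connection(proxy, timeout=timeout) as sock:
            sock.sendall(request.encode("ascii"))
            status_line = sock.makefile("rb").readline().decode("latin-1")
    except OSError:
        return None
    parts = status_line.split()
    return int(parts[1]) if len(parts) >= 2 and parts[1].isdigit() else None

def diagnose(target_host, proxy=K2S_PROXY):
    """Probe each egress stage on its own so the failing one is visible."""
    return {
        "dns": resolves(target_host),                    # thread: failed in the Jetson pod
        "direct_tcp": tcp_reachable((target_host, 80)),  # direct route, no proxy
        "proxy_tcp": tcp_reachable(proxy),               # can the pod reach the proxy at all?
        "proxy_http_status": status_via_proxy(proxy, f"http://{target_host}/"),
    }

if __name__ == "__main__":
    for stage, result in diagnose("www.bing.com").items():
        print(f"{stage:18} {result}")
```

A result with `proxy_tcp` false points at routing or NAT between the pod network and the proxy rather than at the proxy's configuration, while `dns` false with `proxy_http_status` set shows that only direct name resolution is missing.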