Open leonardas103 opened 4 years ago
Just figured it out. You run the curl command from one of the nodes. If you did the same as me you ran it on master.
Edit: It only worked from my first node. Still learning... probably should be available from all nodes 🤷♂
This is just a thoery, but I believe the issue here is that there's no external ip address associated with the service:
pi@raspberrypi2:~ $ kubectl get service markdownrender
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
markdownrender NodePort 10.106.161.23 <none> 8080:31118/TCP 17m
no external ip, only the cluster ip. You can access it only from the host it's scheduled on.
It has to do with the iptables of the pis that are preventing them from communicating. They have to be using leagcy binaries these three commands solved my problem:
sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE sudo iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT sudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
More on it here -> https://www.shogan.co.uk/kubernetes/building-a-raspberry-pi-kubernetes-cluster-part-1-routing/
On Wed, Mar 4, 2020, 12:40 AM Justin Abrahms notifications@github.com wrote:
This is just a thoery, but I believe the issue here is that there's no external ip address associated with the service:
pi@raspberrypi2:~ $ kubectl get service markdownrender NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE markdownrender NodePort 10.106.161.23
8080:31118/TCP 17m no external ip, only the cluster ip. You can access it only from the host it's scheduled on.
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/teamserverless/k8s-on-raspbian/issues/24?email_source=notifications&email_token=AKQPGDTYPNOQM22GJZP2YQTRFXZXJA5CNFSM4K2WZLF2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOENWR4EQ#issuecomment-594353682, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKQPGDVAGLFJQJWRMY4WLTDRFXZXJANCNFSM4K2WZLFQ .
That website seems to suggest that those ip table rules are to allow the worker nodes to access the public internet via the primary node's internet connection. This was due to their odd networking configuration where the primary node served as a router for the worker nodes.
You are correct @justinabrahms but they should all be on the sames network in kubernetes so any node should be able to hit a cluster ip, which wasn't happening here. They should all be using one point of contact to the outside world through the master node. Doing this wont create a public ip but will make sure the master is holding that access point should you create one eventually. From my understanding that is what kubernetes should be doing. Im still learning though...
Wait... Those may be the wrong commands though.. One moment. Ill double check
I'm sorry you are right those were the wrong commands. you want these:
sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
sudo update-alternatives --set ebtables /usr/sbin/ebtables-legacy
@DwayneGit Thanks for your response. It seems that setting the iptables to legacy is critical for kubernetes with iptables-1.8.x.
Can someone please update the guide on k8s-on-raspbian/GUIDE.md to include this?
Following the guide in k8s-on-raspbian/GUIDE.md. When I run:
The HTTP request is sent but it is forever awaiting a response.
Environment
All pods are running
Node (raspberrypi3) successfully joins
I'm using the right port:
Routes show the 31118 port open
Comments
I believe I am missing something very simple. I already tried reset and init and the problem persists.