无法在Kubernetes中的不同节点上运行的pod之间进行通信
[英]Unable to communicate between pods running on different nodes in Kubernetes
问题描述
I have been building a distributed load testing application using Kubernetes and Locust ( similar to this ). 
我一直在使用Kubernetes和Locust( 类似于此 )构建分布式负载测试应用程序。
I currently have a multi-node cluster running on bare-metal (running on an Ubuntu 18.04 server, set up using Kubeadm, and with Flannel as my pod networking addon). 我目前有一个在裸机上运行的多节点集群(在Ubuntu 18.04服务器上运行,使用Kubeadm设置,并使用Flannel作为我的pod网络插件)。
The architecture of my cluster is as follows: 我的集群的架构如下:
- I have a 'master instance' of the Locust application running on my master node. 我有一个在我的主节点上运行的Locust应用程序的“主实例”。
- I have 'slave instances' of the Locust application running on all of my other nodes. 我在所有其他节点上运行了Locust应用程序的“slave实例”。 These slave instances must be able to bind to a port (5558 by default) of the master instance. 这些从属实例必须能够绑定到主实例的端口(默认为5558)。
As of now, I don't believe that that is happening . 截至目前,我不相信这种情况正在发生 。 My cluster shows that all of my deployments are healthy and running , however I am unable to access the logs of any of my slave instances which are running on nodes other than my master node. 我的群集显示我的所有部署都运行良好并且正在运行 ,但是我无法访问在我的主节点以外的节点上运行的任何从属实例的日志。 This leads me to believe that my pods are unable to communicate with each other across different nodes. 这让我相信我的pod无法在不同节点之间相互通信。
Is this an issue with my current networking or deployment setups (I followed the linked guides pretty-much verbatim)? 这是我目前的网络或部署设置的问题(我非常逐字地跟着链接的指南)? Where should I start in debugging this issue? 我应该从哪里开始调试此问题?
3 个解决方案
解决方案1
0 2018-07-03 04:12:09
How slaves instances try to join the master instance. 从属实例如何尝试加入主实例。 You have to create master service (with labels) to access master pod. 您必须创建主服务(带标签)才能访问主pod。 Also, make sure your SDN is up and master is reachable to slave instances. 此外,请确保您的SDN已启动且主服务器可以访问主服务器实例。 You can test using telnet to master pod IP from slave instances. 您可以使用telnet测试从从属实例中控制pod IP。
解决方案2
0 2018-07-03 13:57:58
Based on your description of the problem I can guess that you have a connection problem caused by firewall or network misconfiguration. 根据您对问题的描述,我可以猜测您遇到了由防火墙或网络配置错误导致的连接问题。
From the network perspective, there are requirements mentioned in Kubernetes documentation : 从网络角度来看,Kubernetes 文档中提到了一些要求:
- all containers can communicate with all other containers without NAT
- all nodes can communicate with all containers (and vice-versa) without NAT
- the IP that a container sees itself as is the same IP that others see it as
From the firewall perspective, you need to ensure the cluster traffic can pass the firewall on the nodes. 从防火墙的角度来看,您需要确保群集流量可以通过节点上的防火墙。
Here is the list of ports you should have opened on the nodes provided by CoreOS website: 以下是您应该在CoreOS网站提供的节点上打开的端口列表:
Master node inbound: TCP: 443 from Worker Nodes, API Requests, and End-Users
UDP: 8285,8472 from Master & Worker Nodes
Worker node inbound: TCP: 10250 from Master Nodes
TCP: 10255 from Heapster
TCP: 30000-32767 from External Application Consumers
TCP: 1-32767 from Master & Worker Nodes
TCP: 179 from Worker Nodes
UDP: 8472 from Master & Worker Nodes
UPD: 179 from Worker Nodes
Etcd node inbound: TCP: 2379-2380 from Master & Worker Nodes
解决方案3
0 2018-07-03 16:16:01
see ip forwarding is enabled on all the nodes. 在所有节点上启用了ip forwarding。
# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
if not enable it like this and test it. 如果不是这样启用它并测试它。
echo 1 > /proc/sys/net/ipv4/ip_forward
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.