[英]Kubernetes service not accessible on IPv4
we currently have following Kubernetes setup (v1.13.1, setup with kubeadm
) with connectivity set up between them: 我们目前有以下Kubernetes设置(v1.13.1,使用
kubeadm
设置),并在它们之间建立了连接:
hostname:NodePort
hostname:NodePort
访问服务 We are experiencing issue with accessing services via NodePort
on 2 cloud worker nodes. 我们在通过2个云工作程序节点上的
NodePort
访问服务时遇到问题。 What is happening is that service is accessible via IPv6, but not via IPv4: 发生的事情是服务可以通过IPv6访问,但不能通过IPv4访问:
Thing is that both are working on bare metal nodes. 事实是两者都在裸机节点上工作。 If I use
netstat -napl | grep 30005
如果我使用
netstat -napl | grep 30005
netstat -napl | grep 30005
, I can see kube-proxy
is listening on this port ( tcp6
). netstat -napl | grep 30005
,我可以看到kube-proxy
正在侦听此端口( tcp6
)。 I presumed this means that it does not listen on tcp
, but aparently this is not the case (I have same picture on bare metal worker nodes): 我认为这意味着它不会在
tcp
监听,但是显然不是这样(我在裸机工作节点上有相同的图片):
tcp6 7 0 :::30005 :::* LISTEN 24658/kube-proxy
I have also read that services are using IPv6, but based on bare metal worker nodes, it seems there should not be a problem using IPv4 there as well. 我还读到服务正在使用IPv6,但是基于裸机辅助节点,使用IPv4似乎也应该没有问题。
Any idea what would cause that issue and how to solve it? 任何想法会导致该问题以及如何解决它吗?
Thank you and best regards, Bostjan 谢谢您,最好的问候,Bostjan
In case someone stumbles upon same issue, there was issue with unopened ports on FW for flannel
network overlay: 如果有人偶然发现了相同的问题,则存在FW上未打开的端口用于
flannel
网覆盖的问题:
8285 UDP
- flannel UDP backend 8285 UDP
法兰绒UDP后端 8472 UDP
- flannel vxlan backend 8472 UDP
法兰绒vxlan后端
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.