K8s azure VM nodes - can ping worker node from master node but cannot ping pod on worker node

Question

I have got a simple pod up and running on my worker node which I am trying to ping from my master node. I'm getting 100% packet loss.

What's working?

• The worker node itself can be pinged from the master node.
• The pod inside the worker node can be pinged from inside of the worker node.

What's not working?

• The master node trying to ping worker node's pod.

My take

I think there's a calico misconfiguration that has happened at the master node as the master node doesn't quite understand the IP of the pod.

Results of tracepath to the pod IP

masternode@Master:~$ tracepath 192.168.171.67
 1?: [LOCALHOST]                      pmtu 1440
 1:  no reply
 2:  no reply
 3:  no reply

Please help.

Answer 1

The Kubernetes pod network is not reachable from the control/data plane nodes. You can reach any Pod including control plane Pods between each other but not anything on the host.

The quoted Kubernetes Networking fundamentals from the docs :

• Pods on a node can communicate with all pods on all nodes without NAT
• Agents on a node (eg system daemons, kubelet) can communicate with all pods on that node. -- Note you can do this with docker for example, but not using the pod network.

Also, from the docs :

• Containers within a Pod use networking to communicate via loopback.
• Cluster networking provides communication between different Pods.
• The Service resource lets you expose an application running in Pods to be reachable from outside your cluster.
• You can also use Services to publish services only for consumption inside your cluster.