Connection Refused in-cluster but Port Forwarding works in Kubernetes

I currently have the Hashicorp Vault helm chart deployed, v0.8.0. It works as intended: I can run port-forward svc/vault 8200:8200 -n vault and log in with vault login -tls-skip-verify, the pod isn't crashing, and there are no problems.

I've been verifying configs in the cluster, so I wanted to test access to Vault from another namespace in the same cluster. dig vault.vault.svc.cluster.local resolves to the proper service construct. However, when I run curl -v -k https://vault.vault.svc.cluster.local:8200/v1/sys/health, I get connection refused.

I'm running an AKS Cluster on Kubernetes v1.18 with Azure Policy defaults and the Azure CNI. What would cause this connection refused problem?

The comment @mdaniel left was what led me to solving the problem effectively. I had removed the address and cluster_address fields in the TCP listener config blocks as I forgot Vault only listens on 127.0.0.1. I put those back in and it solved the problem.
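A check for the cause described in the answer, as an added example that is not part of the original post: it parses /proc/net/tcp as read from inside the Vault pod and reports whether port 8200 is bound only to loopback, which kubectl port-forward can reach but Service traffic to the pod IP cannot. The sample tables are constructed, the function names are hypothetical, and it assumes IPv4 on a little-endian host (an IPv6 bind would appear in /proc/net/tcp6 instead).

```python
import ipaddress
import socket
import struct

# Constructed /proc/net/tcp samples (not captured from a real pod).
# 0100007F = 127.0.0.1, 00000000 = 0.0.0.0, 2008 = 8200, 2009 = 8201, st 0A = LISTEN.
HEADER = "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
LOOPBACK_ONLY = HEADER + (
    "   0: 0100007F:2008 00000000:0000 0A 00000000:00000000 00:00000000 00000000   100        0 41001\n"
    "   1: 0100007F:2009 00000000:0000 0A 00000000:00000000 00:00000000 00000000   100        0 41002\n"
    # Established loopback connection, e.g. a port-forward session; not a listener.
    "   2: 0100007F:2008 0100007F:C350 01 00000000:00000000 00:00000000 00000000   100        0 41003\n"
)
ALL_INTERFACES = HEADER + (
    "   0: 00000000:2008 00000000:0000 0A 00000000:00000000 00:00000000 00000000   100        0 42001\n"
    "   1: 00000000:2009 00000000:0000 0A 00000000:00000000 00:00000000 00000000   100        0 42002\n"
)

TCP_LISTEN = "0A"  # socket state code for LISTEN in /proc/net/tcp


def listeners(proc_net_tcp: str) -> list[tuple[str, int]]:
    """Return (ip, port) for every IPv4 socket in LISTEN state."""
    found = []
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != TCP_LISTEN:
            continue
        addr_hex, port_hex = fields[1].split(":")
        # The address is a host-order 32-bit value printed as hex (little-endian assumed).
        ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
        found.append((ip, int(port_hex, 16)))
    return found


def reachable_via_service(proc_net_tcp: str, port: int) -> bool:
    """True if some listener on `port` is bound to a non-loopback address."""
    binds = [ip for ip, p in listeners(proc_net_tcp) if p == port]
    return any(not ipaddress.ip_address(ip).is_loopback for ip in binds)


if __name__ == "__main__":
    for name, table in (("loopback-only", LOOPBACK_ONLY), ("all-interfaces", ALL_INTERFACES)):
        print(name, listeners(table), "service-reachable:", reachable_via_service(table, 8200))
```
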
