无法访问EC2上的Kubernetes公开服务 [英] Kubernetes exposed service on EC2 not accessible

问题描述

我让EC2实例上运行的Kubernetes Master和Minions能够使用以下命令成功部署示例应用程序

I have Kubernetes Master and Minions running on EC2 instances and was able to successfully deploy an example app with below commands

kubectl run hello-world --image=gcr.io/google_containers/echoserver:1.4 --port=8080

kubectl expose deployment hello-world --type=NodePort

现在可从端口30013外部使用哪些端口:

Which is now available externally from port 30013:

NAME           CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
hello-world    10.43.95.16     <nodes>       8080:30013/TCP   1h

我现在正试图通过访问此Kubernetes Minion节点的EC2实例私有IP及其端口号为30013来访问此端口，但根本无法连接.

I'm now trying to access this by visiting EC2 instance private IP of this Kubernetes Minion node and its port number as 30013 but is not able to connect at all.

我已经检查了AWS的安全组，并且此端口已打开并且已连接到EC2实例.我想不出会停止访问该应用程序的任何其他方式.

I've checked security group of AWS and this port is open and is attached to the EC2 instance. I cannot think of anything else that would stop accessing the application.

使用Kubernetes公开服务的AWS网络是否存在任何已知问题?

Is there any known issues with AWS networking with Kubernetes exposed services?

推荐答案

它应该可以工作(并且可以在我的AWS集群上工作).您确定使用的是eth0接口的IP地址和nop crb0或其他名称吗? EC2实例只有一个接口并映射了公共地址，因此从EC2内部看并没有太大区别.

It should work (and it works on my cluster on AWS). Are you sure you are using the IP address of the eth0 interface and nop crb0 or something else? EC2 instances just have one interface and the public address is mapped, so from inside the EC2 is not much difference.

此外，您应该可以在端口8080上联系10.43.95.16或仅使用DNS名称.如果要从k8s应用程序连接到其他服务，则应使用该服务(节点崩溃不会影响通信等)

Also, you should be able to contact 10.43.95.16 on port 8080 or just use the DNS name. If you want to connect to other services from a k8s app, you should use that (no node crash will affect the communication, etc.)

这篇关于无法访问EC2上的Kubernetes公开服务的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！