Kubernetes服務溝通isse - Kubedns

我有兩個映射到兩個服務並使用我的筆記本電腦上的虛擬框虛擬機運行的服務。我有kube dns工作。一個pod是一個web服務，另一個是mongodb。Kubernetes服務溝通isse - Kubedns

web應用莢的該規範是下面

spec: 
    containers: 
    - resources: 
     limits: 
      cpu: 0.5 
      . 
      . 
     name: wsemp 
     ports: 
     - containerPort: 8080 
    #  name: wsemp 
    #command: ["java","-Dspring.data.mongodb.uri=mongodb://192.168.6.103:30061/microservices", "-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"] 
    command: ["java","-Dspring.data.mongodb.uri=mongodb://mongoservice/microservices", "-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"]

相應服務的規範

apiVersion: v1 
kind: Service 
metadata: 
    labels: 
    name: webappservice 
    name: webappservice 
spec: 
    ports: 
    - port: 8080 
    nodePort: 30062 
    targetPort: 8080 
    protocol: TCP 
    type: NodePort 
    selector: 
    name: webapp

MongoDB的莢果規格

apiVersion: v1 
kind: Pod 
metadata: 
    name: mongodb 
    labels: 
    name: mongodb 
spec: 
    containers: 
    . 
    . 
    name: mongodb 
    ports: 
    - containerPort: 27017

MongoDB的服務規範

apiVersion: v1 
kind: Service 
metadata: 
    labels: 
    name: mongodb 
    name: mongoservice 
spec: 
    ports: 
    - port: 27017 
    nodePort: 30061 
    targetPort: 27017 
    protocol: TCP 
    type: NodePort 
    selector: 
    name: mongodb

個

在服務網點更新的目標端口後評論

問題

的web應用程序在啓動時不能夠與mongoservice端口連接，並給出了這個錯誤在啓動

Exception in monitor thread while connecting to server mongoservice:27017 
com.mongodb.MongoSocketOpenException: Exception opening socket 
at com.mongodb.connection.SocketStream.open(SocketStream.java:63) ~[mongodb-driver-core-3.2.2.jar!/:na] 
at  com.mongodb.connection.InternalStreamConnection.open(InternalStreamConnection.java:114) ~[mongodb-driver-core-3.2.2.jar!/:na] 
at com.mongodb.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:128) ~[mongodb-driver-core-3.2.2.jar!/:na] 
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_111] 
Caused by: java.net.ConnectException: Connection refused (Connection refused) 
at java.net.PlainSocketImpl.socketConnect(Native Method) ~[na:1.8.0_111]

描述SVC

kubectl describe svc mongoservice 
Name:   mongoservice 
Namespace:  default 
Labels:   name=mongodb 
Selector:  name=mongodb 
Type:   NodePort 
IP:   10.254.146.189 
Port:   <unset> 27017/TCP 
NodePort:  <unset> 30061/TCP 
Endpoints:  172.17.99.2:27017 
Session Affinity: None 
No events. 

kubectl describe svc webappservice 
Name:   webappservice 
Namespace:  default 
Labels:   name=webappservice 
Selector:  name=webapp 
Type:   NodePort 
IP:   10.254.112.121 
Port:   <unset> 8080/TCP 
NodePort:  <unset> 30062/TCP 
Endpoints:  172.17.99.3:8080 
Session Affinity: None 
No events.

調試

[email protected]:/# nslookup mongoservice 
Server:  10.254.0.2 
Address: 10.254.0.2#53 

Non-authoritative answer: 
Name: mongoservice.default.svc.cluster.local 
Address: 10.254.146.189 

[email protected]:/# curl 10.254.146.189:27017 
curl: (7) Failed to connect to 10.254.146.189 port 27017: Connection refused 
[email protected]:/# curl mongoservice:27017 
curl: (7) Failed to connect to mongoservice port 27017: Connection refused 


sudo iptables-save | grep webapp 

-A KUBE-NODEPORTS -p tcp -m comment --comment "default/webappservice:" -m tcp --dport 30062 -j KUBE-MARK-MASQ 
-A KUBE-NODEPORTS -p tcp -m comment --comment "default/webappservice:" -m tcp --dport 30062 -j KUBE-SVC-NQBDRRKQULANV7O3 
-A KUBE-SEP-IE7EBTQCN7T6HXC4 -s 172.17.99.3/32 -m comment --comment "default/webappservice:" -j KUBE-MARK-MASQ 
-A KUBE-SEP-IE7EBTQCN7T6HXC4 -p tcp -m comment --comment "default/webappservice:" -m tcp -j DNAT --to-destination 172.17.99.3:8080 
-A KUBE-SERVICES -d 10.254.217.24/32 -p tcp -m comment --comment "default/webappservice: cluster IP" -m tcp --dport 8080 -j KUBE-SVC-NQBDRRKQULANV7O3 
-A KUBE-SVC-NQBDRRKQULANV7O3 -m comment --comment "default/webappservice:" -j KUBE-SEP-IE7EBTQCN7T6HXC4 
$ curl 10.254.217.24:8080 
{"timestamp":1486678423757,"status":404,"error":"Not Found","message":"No message available","path":"/"}[[email protected] ~]$ 


sudo iptables-save | grep mongodb 
[[email protected] ~]$ sudo iptables-save | grep mongo 
-A KUBE-NODEPORTS -p tcp -m comment --comment "default/mongoservice:" -m tcp --dport 30061 -j KUBE-MARK-MASQ 
-A KUBE-NODEPORTS -p tcp -m comment --comment "default/mongoservice:" -m tcp --dport 30061 -j KUBE-SVC-2HQWGC3WSIBZF7CN 
-A KUBE-SEP-FVWOWAWXXVAVIQ5O -s 172.17.99.2/32 -m comment --comment "default/mongoservice:" -j KUBE-MARK-MASQ 
-A KUBE-SEP-FVWOWAWXXVAVIQ5O -p tcp -m comment --comment "default/mongoservice:" -m tcp -j DNAT --to-destination 172.17.99.2:27017 
-A KUBE-SERVICES -d 10.254.146.189/32 -p tcp -m comment --comment "default/mongoservice: cluster IP" -m tcp --dport 27017 -j KUBE-SVC-2HQWGC3WSIBZF7CN 
-A KUBE-SVC-2HQWGC3WSIBZF7CN -m comment --comment "default/mongoservice:" -j KUBE-SEP-FVWOWAWXXVAVIQ5O 
[[email protected] ~]$ sudo curl 10.254.146.189:8080 
^C[[email protected] ~]$ sudo curl 10.254.146.189:27017 

It looks like you are trying to access MongoDB over HTTP on the native driver port. 


[email protected]:/# netstat -an 
Active Internet connections (servers and established) 
Proto Recv-Q Send-Q Local Address   Foreign Address   State  
tcp  0  0 0.0.0.0:27017   0.0.0.0:*    LISTEN  
tcp  0  0 172.17.99.2:60724  151.101.128.204:80  TIME_WAIT 
tcp  0  0 172.17.99.2:60728  151.101.128.204:80  TIME_WAIT

MongoDB的容器具有在啓動時沒有錯誤。

試圖按照https://kubernetes.io/docs/user-guide/debugging-services/#iptables中的步驟操作，因爲我不知道該怎麼做，所以卡在「嘗試重新啓動kube-proxy並將-V標誌設置爲4」的部分。

我不是網絡人，所以不知道如何以及需要分析什麼。任何類型的調試提示都會有很大的幫助。

感謝。

來源

2017-02-09 Vikram

在webappservice和mongoservice中對NodePorts進行了評論，並且嘗試過，因爲它與虛擬框vms中的內部網絡通信有關。端口： - 端口：27017 ＃nodePort：30061 targetPort：27017 protocol：TCP ＃type：NodePort。仍遇到相同的錯誤。。 – Vikram

謝謝。我對此有了一些線索，並且自從我使用法蘭絨網絡以來，法蘭絨網絡中的各個Pod之間的通信出現了問題。

特別這一部分，FLANNEL_OPTIONS = 「 - IFACE = eth1的」如在鏈接提到http://jayunit100.blogspot.com/2015/06/flannel-and-vagrant-heads-up.html

感謝。

來源

2017-02-14 15:06:31 Vikram

作爲一個方面說明，有記住，捲曲默認情況下執行HTTP請求，但你要訪問的主機的端口27017不綁定到一個理解這種協議的應用。通常情況下，你，你會在這些場景是什麼netcat的使用：

nc -zv mongoservice 27017

該報告從這些主機的端口27017是開放與否。

NC = netcat的
-z掃描監聽守護程序不發送數據
-v增加冗長

關於你的MongoDB的文件，你必須記住設置TARGETPORT指令。作爲Kubernetes docs regarding targetPort:

This specification will create a Service which targets TCP port 80 on any Pod with the run: my-nginx label, and expose it on an abstracted Service port (targetPort: is the port the container accepts traffic on, port: is the abstracted Service port, which can be any port other pods use to access the Service). View service API object to see the list of supported fields in service definition.

解釋。因此，只需將其設置爲27017的一致性。

在遵循這些建議之後，您不應該遇到問題。保持良好的工作，儘可能地學習！

來源

2017-02-10 02:56:28

嗨大衛，感謝您的reply.Added TARGETPORT如MongoDB中，service.yaml文件提到的「端口： - 端口：27017 nodePort：30061 TARGETPORT：27017當試圖在容器給exec 」根@ web應用程序：/ ＃nc -zv mongoservice 27017 mongoservice.default.svc.cluster.local [10.254.77.233] 27017（？）：連接被拒絕 – Vikram

webapp日誌啓動中仍然出現同樣的錯誤。 **在監視器線程連接到服務器mongoservice時發生異常：27017 com.mongodb.MongoSocketOpenException：打開套接字的異常** 但是我在mongodb容器日誌中看到它正在監聽端口27017. ** MongoDB開始：pid = 1端口= 27017 dbpath =/data/db 64位主機= mongodb。等待27017港口的連接** – Vikram

iptables規則看起來不錯，但不知道在你的kubernetes中使用了什麼網絡解決方案（flannel/calico）。您可以檢查您是否可以從您的網絡連接訪問kube dns pod IP。

來源

2017-02-14 03:25:42

Kubernetes服務溝通isse - Kubedns

回答

相關問題