Kubernetes服务沟通isse - Kubedns

我有两个映射到两个服务并使用我的笔记本电脑上的虚拟框虚拟机运行的服务。我有kube dns工作。一个pod是一个web服务，另一个是mongodb。Kubernetes服务沟通isse - Kubedns

web应用荚的该规范是下面

spec: 
    containers: 
    - resources: 
     limits: 
      cpu: 0.5 
      . 
      . 
     name: wsemp 
     ports: 
     - containerPort: 8080 
    #  name: wsemp 
    #command: ["java","-Dspring.data.mongodb.uri=mongodb://192.168.6.103:30061/microservices", "-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"] 
    command: ["java","-Dspring.data.mongodb.uri=mongodb://mongoservice/microservices", "-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"]

相应服务的规范

apiVersion: v1 
kind: Service 
metadata: 
    labels: 
    name: webappservice 
    name: webappservice 
spec: 
    ports: 
    - port: 8080 
    nodePort: 30062 
    targetPort: 8080 
    protocol: TCP 
    type: NodePort 
    selector: 
    name: webapp

MongoDB的荚果规格

apiVersion: v1 
kind: Pod 
metadata: 
    name: mongodb 
    labels: 
    name: mongodb 
spec: 
    containers: 
    . 
    . 
    name: mongodb 
    ports: 
    - containerPort: 27017

MongoDB的服务规范

apiVersion: v1 
kind: Service 
metadata: 
    labels: 
    name: mongodb 
    name: mongoservice 
spec: 
    ports: 
    - port: 27017 
    nodePort: 30061 
    targetPort: 27017 
    protocol: TCP 
    type: NodePort 
    selector: 
    name: mongodb

个

在服务网点更新的目标端口后评论

问题

的web应用程序在启动时不能够与mongoservice端口连接，并给出了这个错误在启动

Exception in monitor thread while connecting to server mongoservice:27017 
com.mongodb.MongoSocketOpenException: Exception opening socket 
at com.mongodb.connection.SocketStream.open(SocketStream.java:63) ~[mongodb-driver-core-3.2.2.jar!/:na] 
at  com.mongodb.connection.InternalStreamConnection.open(InternalStreamConnection.java:114) ~[mongodb-driver-core-3.2.2.jar!/:na] 
at com.mongodb.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:128) ~[mongodb-driver-core-3.2.2.jar!/:na] 
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_111] 
Caused by: java.net.ConnectException: Connection refused (Connection refused) 
at java.net.PlainSocketImpl.socketConnect(Native Method) ~[na:1.8.0_111]

描述SVC

kubectl describe svc mongoservice 
Name:   mongoservice 
Namespace:  default 
Labels:   name=mongodb 
Selector:  name=mongodb 
Type:   NodePort 
IP:   10.254.146.189 
Port:   <unset> 27017/TCP 
NodePort:  <unset> 30061/TCP 
Endpoints:  172.17.99.2:27017 
Session Affinity: None 
No events. 

kubectl describe svc webappservice 
Name:   webappservice 
Namespace:  default 
Labels:   name=webappservice 
Selector:  name=webapp 
Type:   NodePort 
IP:   10.254.112.121 
Port:   <unset> 8080/TCP 
NodePort:  <unset> 30062/TCP 
Endpoints:  172.17.99.3:8080 
Session Affinity: None 
No events.

调试

[email protected]:/# nslookup mongoservice 
Server:  10.254.0.2 
Address: 10.254.0.2#53 

Non-authoritative answer: 
Name: mongoservice.default.svc.cluster.local 
Address: 10.254.146.189 

[email protected]:/# curl 10.254.146.189:27017 
curl: (7) Failed to connect to 10.254.146.189 port 27017: Connection refused 
[email protected]:/# curl mongoservice:27017 
curl: (7) Failed to connect to mongoservice port 27017: Connection refused 


sudo iptables-save | grep webapp 

-A KUBE-NODEPORTS -p tcp -m comment --comment "default/webappservice:" -m tcp --dport 30062 -j KUBE-MARK-MASQ 
-A KUBE-NODEPORTS -p tcp -m comment --comment "default/webappservice:" -m tcp --dport 30062 -j KUBE-SVC-NQBDRRKQULANV7O3 
-A KUBE-SEP-IE7EBTQCN7T6HXC4 -s 172.17.99.3/32 -m comment --comment "default/webappservice:" -j KUBE-MARK-MASQ 
-A KUBE-SEP-IE7EBTQCN7T6HXC4 -p tcp -m comment --comment "default/webappservice:" -m tcp -j DNAT --to-destination 172.17.99.3:8080 
-A KUBE-SERVICES -d 10.254.217.24/32 -p tcp -m comment --comment "default/webappservice: cluster IP" -m tcp --dport 8080 -j KUBE-SVC-NQBDRRKQULANV7O3 
-A KUBE-SVC-NQBDRRKQULANV7O3 -m comment --comment "default/webappservice:" -j KUBE-SEP-IE7EBTQCN7T6HXC4 
$ curl 10.254.217.24:8080 
{"timestamp":1486678423757,"status":404,"error":"Not Found","message":"No message available","path":"/"}[[email protected] ~]$ 


sudo iptables-save | grep mongodb 
[[email protected] ~]$ sudo iptables-save | grep mongo 
-A KUBE-NODEPORTS -p tcp -m comment --comment "default/mongoservice:" -m tcp --dport 30061 -j KUBE-MARK-MASQ 
-A KUBE-NODEPORTS -p tcp -m comment --comment "default/mongoservice:" -m tcp --dport 30061 -j KUBE-SVC-2HQWGC3WSIBZF7CN 
-A KUBE-SEP-FVWOWAWXXVAVIQ5O -s 172.17.99.2/32 -m comment --comment "default/mongoservice:" -j KUBE-MARK-MASQ 
-A KUBE-SEP-FVWOWAWXXVAVIQ5O -p tcp -m comment --comment "default/mongoservice:" -m tcp -j DNAT --to-destination 172.17.99.2:27017 
-A KUBE-SERVICES -d 10.254.146.189/32 -p tcp -m comment --comment "default/mongoservice: cluster IP" -m tcp --dport 27017 -j KUBE-SVC-2HQWGC3WSIBZF7CN 
-A KUBE-SVC-2HQWGC3WSIBZF7CN -m comment --comment "default/mongoservice:" -j KUBE-SEP-FVWOWAWXXVAVIQ5O 
[[email protected] ~]$ sudo curl 10.254.146.189:8080 
^C[[email protected] ~]$ sudo curl 10.254.146.189:27017 

It looks like you are trying to access MongoDB over HTTP on the native driver port. 


[email protected]:/# netstat -an 
Active Internet connections (servers and established) 
Proto Recv-Q Send-Q Local Address   Foreign Address   State  
tcp  0  0 0.0.0.0:27017   0.0.0.0:*    LISTEN  
tcp  0  0 172.17.99.2:60724  151.101.128.204:80  TIME_WAIT 
tcp  0  0 172.17.99.2:60728  151.101.128.204:80  TIME_WAIT

MongoDB的容器具有在启动时没有错误。

试图按照https://kubernetes.io/docs/user-guide/debugging-services/#iptables中的步骤操作，因为我不知道该怎么做，所以卡在“尝试重新启动kube-proxy并将-V标志设置为4”的部分。

我不是网络人，所以不知道如何以及需要分析什么。任何类型的调试提示都会有很大的帮助。

感谢。

来源

2017-02-09 Vikram

在webappservice和mongoservice中对NodePorts进行了评论，并且尝试过，因为它与虚拟框vms中的内部网络通信有关。端口： - 端口：27017 ＃nodePort：30061 targetPort：27017 protocol：TCP ＃type：NodePort。仍遇到相同的错误。。 – Vikram

谢谢。我对此有了一些线索，并且自从我使用法兰绒网络以来，法兰绒网络中的各个Pod之间的通信出现了问题。

特别这一部分，FLANNEL_OPTIONS = “ - IFACE = eth1的” 如在链接提到http://jayunit100.blogspot.com/2015/06/flannel-and-vagrant-heads-up.html

感谢。

来源

2017-02-14 15:06:31 Vikram

作为一个方面说明，有记住，卷曲默认情况下执行HTTP请求，但你要访问的主机的端口27017不绑定到一个理解这种协议的应用。通常情况下，你，你会在这些场景是什么netcat的使用：

nc -zv mongoservice 27017

该报告从这些主机的端口27017是开放与否。

NC = netcat的
-z扫描监听守护程序不发送数据
-v增加冗长

关于你的MongoDB的文件，你必须记住设置TARGETPORT指令。作为Kubernetes docs regarding targetPort:

This specification will create a Service which targets TCP port 80 on any Pod with the run: my-nginx label, and expose it on an abstracted Service port (targetPort: is the port the container accepts traffic on, port: is the abstracted Service port, which can be any port other pods use to access the Service). View service API object to see the list of supported fields in service definition.

解释。因此，只需将其设置为27017的一致性。

在遵循这些建议之后，您不应该遇到问题。保持良好的工作，尽可能地学习！

来源

2017-02-10 02:56:28

嗨大卫，感谢您的reply.Added TARGETPORT如MongoDB中，service.yaml文件提到的 “端口： - 端口：27017 nodePort：30061 TARGETPORT：27017当试图在容器给exec ” 根@ web应用程序：/ ＃nc -zv mongoservice 27017 mongoservice.default.svc.cluster.local [10.254.77.233] 27017（？）：连接被拒绝 – Vikram

webapp日志启动中仍然出现同样的错误。 **在监视器线程连接到服务器mongoservice时发生异常：27017 com.mongodb.MongoSocketOpenException：打开套接字的异常** 但是我在mongodb容器日志中看到它正在监听端口27017. ** MongoDB开始：pid = 1端口= 27017 dbpath =/data/db 64位主机= mongodb。等待27017港口的连接** – Vikram

iptables规则看起来不错，但不知道在你的kubernetes中使用了什么网络解决方案（flannel/calico）。您可以检查您是否可以从您的网络连接访问kube dns pod IP。

来源

2017-02-14 03:25:42

Kubernetes服务沟通isse - Kubedns

回答

相关问题