kubernetes: cannot use the vip to access the nodeport

[root@k8s-m3 ~]# ip a s eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether fa:16:3e:d6:d2:99 brd ff:ff:ff:ff:ff:ff
    inet 172.16.1.9/24 brd 172.16.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 172.16.1.240/24 scope global secondary eth0
       valid_lft forever preferred_lft forever
[root@k8s-m3 ~]# curl -I 172.16.1.9:30394
HTTP/1.1 200 OK
Server: nginx/1.15.9
Date: Mon, 18 Mar 2019 15:22:10 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 26 Feb 2019 14:13:39 GMT
Connection: keep-alive
ETag: "5c754993-264"
Accept-Ranges: bytes

[root@k8s-m3 ~]# curl -I 172.16.1.240:30394
^C
[root@k8s-m3 ~]# grep bind /etc/kubernetes/kube-proxy.conf 
bindAddress: 0.0.0.0

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 36 (12 by maintainers)

Most upvoted comments

You can also configure kube-proxy to solve https://github.com/kubernetes/kube-proxy/blob/master/config/v1alpha1/types.go#L158

+1
zhangguanzhang on Jan 14, 2020

this is caused by the vip worked in secondary interface. wrong: inet 172.16.1.240/24 scope global secondary eth0 correct: inet 172.16.1.240/24 scope global eth0 so you should change vip mask to 32 not 24, like 172.16.1.240/32 to avoid in secondary or slave status.

+1
chenqiangzhishen on Jan 8, 2020
Read more comments on GitHub
← kubernetes: Cannot use hostAliases when mounting files in /etc
kubernetes: Can't access cluster master endpoint after upgrade from 1.5.4 to 1.6.0 →