Service request routing when no Pods available

michele.curioni · September 17, 2019, 5:21pm

Hi there,
I’m dealing with a strange issue. I have some containers that are trying to send TCP requests to a service within K8s cluster, but somehow these requests are routed outside K8s.
They hit a perimeter firewall.
The service doesn’t have any endpoints because the backing pods are failing to start, so I accept that requests to the service will fail, but I wasn’t expecting these requests to be routed elsewhere.
Any idea what could be causing this?

Thanks,
Michele

Cluster information:

Kubernetes version:1.12
Cloud being used: bare-metal
Installation method:
Host OS: CoreOS
CNI and version: Flannel
CRI and version:

thockin · September 17, 2019, 5:52pm

What k8s version? In the last few releases we have been patching gaps that sound like this, to return ICMP rejection rather than letting service IPs “fall through”.

michele.curioni · September 18, 2019, 11:42am

K8s 1.12.3

Michele

thockin · September 18, 2019, 3:25pm

So, I suspect this bug has been fixed since then. 1.12 is beyond the backport horizon we typically support, but is there any way you can try against a more recent kube-proxy?

michele.curioni · September 18, 2019, 3:31pm

We are due to upgrade to 1.13 in the next couple of weeks, so we’ll know then.
Thanks

Topic		Replies	Views
K8S outtrafic pod General Discussions	12	1838	November 17, 2019
Pod traffic not routed correctly General Discussions	0	706	December 22, 2020
Regarding redirect request from service to pod General Discussions service , deployment	1	123	June 16, 2024
Is it normal to be unable to curl a Kubernetes service's ClusterIP from inside a pod? General Discussions development , network	2	171	October 8, 2024
Kubectl works and all the pods are up but no traffic goes through General Discussions	6	1894	October 17, 2019

Service request routing when no Pods available

Cluster information:

Related Topics