1. 首頁
  2. 問答
  3. Kubernetes - 連接拒絕診斷

Kubernetes - 連接拒絕診斷

2017-03-14 92 views
0

我有一個正在運行的GCP Kubernetes集羣。我設法部署了一些服務,並使用kubectl expose ... type =「LoadBalancer」成功地公開了它們......但是,一個特定的新服務無法正常工作。我知道可能有一千個原因需要檢查,但是我構建的Docker鏡像非常緊湊,所以我找不到有用的工具通過pod或容器中的kubectl exec運行。Kubernetes - 連接拒絕診斷

問題:什麼可能是我的診斷選項使用任何可能的羣集工具只?我可以檢查什麼樣的日誌,或者我可以讀取哪些環境變量?

更新:

$ kubectl得到莢

NAME        READY  STATUS RESTARTS AGE 
helianto-mailer-1024769093-6407d 2/2  Running 0   6d 
helianto-spring-2246525676-l54p9 2/2  Running 0   6d 
iservport-shipfo-12873703-wrh37 2/2  Running 0   13h

$ kubectl描述莢iservport-shipfo-12873703-wrh37

Name:   iservport-shipfo-12873703-wrh37 
Namespace:  default 
Node:   gke-iservport01-default-pool-xxx/xx.xx.xx.xx 
Start Time:  Tue, 14 Mar 2017 17:28:18 -0300 
Labels:   app=SHIPFO 
       pod-template-hash=12873703 
Status:   Running 
IP:    yy.yy.yy.yy 
Controllers: ReplicaSet/iservport-shipfo-12873703 
Containers: 
    iservport-shipfo: 
    Container ID:   docker://... 
Image:    us.gcr.io/mvps-156214/iservport-xxx 
Image ID:   docker://... 
    Port:    8085/TCP 
    Requests: 
     cpu:    100m 
    State:    Running 
     Started:   Tue, 14 Mar 2017 17:28:33 -0300 
    Ready:    True 
    Restart Count:  0 
    Volume Mounts: 
     /var/run/secrets/kubernetes.io/serviceaccount from default-token-mmeza (ro) 
    Environment Variables: 
    SPRING_PROFILES_ACTIVE: gcp 
     HELIANTO_MAILER_URL:  http://10.35.254.197:8082 
    cloudsql-proxy: 
    Container ID:  docker://... 
    Image:    b.gcr.io/cloudsql-docker/gce-proxy:1.05 
    Image ID:   docker://... 
    Port:    
    Command: 
    /cloud_sql_proxy 
    --dir=/cloudsql 
    -instances=mvps-156214:us-east1-b:helianto01=tcp:3306 
    -credential_file=/secrets/cloudsql/credentials.json 
    Requests: 
     cpu:    100m 
    State:    Running 
     Started:   Tue, 14 Mar 2017 17:28:33 -0300 
    Ready:    True 
    Restart Count:  0 
    Volume Mounts: 
     /cloudsql from cloudsql (rw) 
     /etc/ssl/certs from ssl-certs (rw) 
     /secrets/cloudsql from cloudsql-oauth-credentials (ro) 
     /var/run/secrets/kubernetes.io/serviceaccount from default-token-mmeza (ro) 
    Environment Variables:  <none> 
Conditions: 
Type   Status 
    Initialized True 
    Ready   True 
    PodScheduled True 
Volumes: 
    cloudsql-oauth-credentials: 
    Type:  Secret (a volume populated by a Secret) 
    SecretName: cloudsql-oauth-credentials 
    ssl-certs: 
    Type:  HostPath (bare host directory volume) 
    Path:  /etc/ssl/certs 
    cloudsql: 
    Type:  EmptyDir (a temporary directory that shares a pod's lifetime) 
    Medium:  
    default-token-mmeza: 
    Type:  Secret (a volume populated by a Secret) 
    SecretName: default-token-mmeza 
QoS Class:  Burstable 
Tolerations: <none> 
No events.

$ kubectl得到SVC

NAME      CLUSTER-IP  EXTERNAL-IP  PORT(S)      AGE 
helianto-mailer-service 10.35.254.197 <nodes>   443:32178/TCP,80:30771/TCP 12d 
helianto-spring   10.35.241.27 xxx.xxx.xxx.xxx 80:30974/TCP     52d 
iservport-shipfo   10.35.240.129 xx.xxx.xxx.xxx 80:32598/TCP     14h 
kubernetes    10.35.240.1  <none>   443/TCP      53d

$ kubectl描述SVC iservport-shipfo

Name:     iservport-shipfo 
Namespace:    default 
Labels:     app=SHIPFO 
Selector:    app=SHIPFO 
Type:     LoadBalancer 
IP:      10.35.240.129 
LoadBalancer Ingress: xx.xxx.xxx.xxx 
Port:     <unset> 80/TCP 
NodePort:    <unset> 32598/TCP 
Endpoints:    10.32.4.26:8085 
Session Affinity:  None 
No events.

來源

2017-03-14 Maurício Fernandes de Castro

回答

0

你可以連接到Kubernetes工人主機和從視主機點做診斷那裏,因爲,容器只是下面的一個進程。

來源

2017-03-15 09:43:07 svenwltr

+0

好點,gcloud compute ssh xxx幫助。但是,我沒有找到我的連接失敗的原因。 –

2

您需要確定您的服務是否在http端口中響應。也許你可以從你的pod到你的桌面本地端口。請在命令行中將值pod_name,pod_port和local_port替換。

kubectl port-forward <pod_name> <local_port>:<pod_port>

在此之後,獲得http://localhost:local_port和驗證,如果回報。這樣,您可以確定您的應用程序是否正在響應。

來源

2017-03-15 12:16:33

相關問題

 相關問題