A KUBE-NODEPORTS -p tcp -m comment -comment "default/hostnames:" -m tcp -dport 30177 -j KUBE-MARK-MASQ A POSTROUTING -m comment -comment "kubernetes postrouting rules" -j KUBE-POSTROUTING A OUTPUT ! -d 127.0.0.0/8 -m addrtype -dst-type LOCAL -j DOCKER A OUTPUT -m comment -comment "kubernetes service portals" -j KUBE-SERVICES A PREROUTING -m addrtype -dst-type LOCAL -j DOCKER A PREROUTING -m comment -comment "kubernetes service portals" -j KUBE-SERVICES Also, if I bypass kubernetes and run a docker container I have no problems with external access. 我相当确信这是一个iptables/kube-proxy问题,因为如果我修改kube-proxy的配置,从 -proxy-mode=iptables to -proxy-mode=userspace 我可以access from both external machines. target-port=9376 ~ $ kubectl get svc hostnames port=9376 ~ $ kubectl expose deployment hostnames \ Image: quay.io/coreos/hyperkube:v1.5.2_coreos.0
0 Comments
Leave a Reply. |