Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release-1.24] ServiceLB cannot be accessed via loopback when service ExternalTrafficPolicy=Local #7704

Closed
brandond opened this issue Jun 8, 2023 · 1 comment
Closed

[release-1.24] ServiceLB cannot be accessed via loopback when service ExternalTrafficPolicy=Local #7704

brandond opened this issue Jun 8, 2023 · 1 comment
Assignees
@brandond @fmoral2
Milestone
v1.24.15+k3s1

Comments

@brandond
Copy link
Member

brandond commented Jun 8, 2023

@brandond brandond self-assigned this Jun 8, 2023
@brandond brandond added this to the v1.24.15+k3s1 milestone Jun 8, 2023
@brandond brandond mentioned this issue Jun 9, 2023
Merged
@fmoral2
Copy link
Contributor

fmoral2 commented Jun 14, 2023

Validated on Version:

-  k3s version v1.24.14+k3s-d74fa4f4 (d74fa4f4)

Environment Details

Infrastructure
Cloud EC2 instance

Node(s) CPU architecture, OS, and Version:
Ubuntu

Cluster Configuration:
1 node

Config.yaml:

token: secret
write-kubeconfig-mode: 644
selinux: true
cluster-init: true

Steps to Validate the fix:

  1. Install k3s in latest commit
  2. Deploy a workload that will reach local :8080
  3. Check the connection successfully
Logs 
###### Issue Validation: ########

 ~$   k3s -v
    k3s version v1.24.14+k3s-d74fa4f4 (d74fa4f4)
    go version go1.19.9



 ~$ k apply
    `
    apiVersion: apps/v1
    kind: DaemonSet
    metadata:
    name: ingresstest-deploy
    labels:
    app: ingresstest
    spec:
    selector:
    matchLabels:
    app: ingresstest
    template:
    metadata:
    labels:
    app: ingresstest
    spec:
    containers:
    - name: ingresstest
    image: ranchertest/mytestcontainer:unprivileged
    imagePullPolicy: Always
    ---
    apiVersion: v1
    kind: Service
    metadata:
    name: ingresstest-ingress-svc
    labels:
    app: ingresstest
    spec:
    externalTrafficPolicy: Local
    type: LoadBalancer
    ports:
    - port: 8080
    targetPort: 8080
    protocol: TCP
    name: http
    selector:
    app: ingresstest
    `



 ~$ curl http://127.0.0.1:8080
    <!DOCTYPE html>
    <html>
    <head>
        <title>Welcome to nginx!</title>
        <style>
            html { color-scheme: light dark; }
            body { width: 35em; margin: 0 auto;
                font-family: Tahoma, Verdana, Arial, sans-serif; }
        </style>
    </head>
    <body>
    <h1>Welcome to nginx!</h1>
    <p>If you see this page, the nginx web server is successfully installed and
        working. Further configuration is required.</p>

    <p>For online documentation and support please refer to
        <a href="http://nginx.org/">nginx.org</a>.<br/>
        Commercial support is available at
        <a href="http://nginx.com/">nginx.com</a>.</p>

    <p><em>Thank you for using nginx.</em></p>
    </body>
    </html>



~$   k describe pod svclb-ingresstest-ingress-svc- -n kube-system | grep "klipper"
    Image:          rancher/klipper-lb:v0.4.4
    Image ID:       docker.io/rancher/klipper-lb@sha256:d6780e97ac25454b56f88410b236d52572518040f11d0db5c6baaac0d2fcf860
    Normal  Pulling    3m7s  kubelet            Pulling image "rancher/klipper-lb:v0.4.4"
    Normal  Pulled     3m6s  kubelet            Successfully pulled image "rancher/klipper-lb:v0.4.4" in 1.231038964s

@fmoral2 fmoral2 closed this as completed Jun 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@brandond brandond

@fmoral2 fmoral2

Labels
None yet
Projects
K3s Development
Archived in project
Milestone
v1.24.15+k3s1
Development

No branches or pull requests
2 participants
@brandond @fmoral2