Helm list tries to connect to localhost rather than Kubernetes - kubernetes

I have a Kubernetes cluster running. All pods are running. This is a windows machine with minikube on it.
However helm ls --debug gives following error
helm ls --debug
[debug] Created tunnel using local port: '57209'
[debug] SERVER: "127.0.0.1:57209"
Error: Get http://localhost:8080/api/v1/namespaces/kube-system/configmaps?labelSelector=OWNER%!D(MISSING)TILLER: dial tcp 127.0.0.1:8080: connect: connection refused
Cluster information
kubectl.exe cluster-info
Kubernetes master is running at https://135.250.128.98:8443
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
kubectl service
kubectl.exe get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3h
Dashboard is accessible at http://135.250.128.98:30000
kube configuration:
apiVersion: v1
clusters:
- cluster:
certificate-authority: C:\Users\abc\.minikube\ca.crt
server: https://135.250.128.98:8443
name: minikube
contexts:
- context:
cluster: minikube
user: minikube
name: minikube
current-context: minikube
kind: Config
preferences: {}
users:
- name: minikube
user:
as-user-extra: {}
client-certificate: C:\Users\abc\.minikube\client.crt
client-key: C:\Users\abc\.minikube\client.key
Is there a solution? Most online resource says cluster is misconfigured. But not sure what is misconfigured and how to solve this error?

What worked for me when I was facing the same issue was changing automountServiceAccountToken to true.
Use the following command to edit the tiller-deploy
kubectl --namespace=kube-system edit deployment/tiller-deploy
And change automountServiceAccountToken to true

I've faced that problem and found an explanation on GitHub.
In this case, the preferable method to make it work is to rebuild the docker container with missing environment variable. These lines should build a new image:
cat << eof > Dockerfile
FROM gcr.io/kubernetes-helm/tiller:v2.3.1
ENV KUBERNETES_MASTER XX.XX.XX.XX:8080
eof
docker build -t tiller:latest .
Please substitute XX.XX.XX.XX with your Kubernetes Master IP address.

Related

Unable to externally access Nodeport service setup on Minikube (Windows WSL Ubuntu 20.04.2 LTS)

I have a running docker image which has been hosted as a pod on my Minikube cluster. However I am not able to access the Nodeport service that I have linked with it. Here are the details:
I start Minikube on my Windows WSL using this command since direct start throws issues with root access.
root#DESKTOP-RNQPOG3:/mnt/c/Users/vijay# minikube start --driver=docker --force
😄 minikube v1.23.2 on Ubuntu 20.04 (amd64)
❗ minikube skips various validations when --force is supplied; this may lead to unexpected behavior
✨ Using the docker driver based on existing profile
🛑 The "docker" driver should not be used with root privileges.
💡 If you are running minikube within a VM, consider using --driver=none:
📘 https://minikube.sigs.k8s.io/docs/reference/drivers/none/
💡 Tip: To remove this root owned cluster, run: sudo minikube delete
👍 Starting control plane node minikube in cluster minikube
🚜 Pulling base image ...
🔄 Restarting existing docker container for "minikube" ...
🐳 Preparing Kubernetes v1.22.2 on Docker 20.10.8 ...
🔗 Configuring Calico (Container Networking Interface) ...
🔎 Verifying Kubernetes components...
▪ Using image kubernetesui/dashboard:v2.3.1
▪ Using image kubernetesui/metrics-scraper:v1.0.7
▪ Using image k8s.gcr.io/ingress-nginx/controller:v1.0.0-beta.3
▪ Using image k8s.gcr.io/ingress-nginx/kube-webhook-certgen:v1.0
▪ Using image k8s.gcr.io/ingress-nginx/kube-webhook-certgen:v1.0
▪ Using image gcr.io/k8s-minikube/storage-provisioner:v5
🔎 Verifying ingress addon...
🌟 Enabled addons: storage-provisioner, default-storageclass, ingress, dashboard
🏄 Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
The image is already present on the cluster and I am able to curl it when I directly run the image alone.
I currently have a deployment and service on my Minikube node like so:
root#DESKTOP-RNQPOG3:/mnt/d/Coding/milestone9/Milestone9# k get deploy -o wide | grep admin
admin-deployment 3/3 3 3 8m53s admin admin:alpine app=konnectMojo
root#DESKTOP-RNQPOG3:/mnt/d/Coding/milestone9/Milestone9# k get svc -o wide | grep admin
admin-service NodePort 10.106.40.240 <none> 80:30007/TCP 8m28s app=konnectMojo
root#DESKTOP-RNQPOG3:/mnt/d/Coding/milestone9/Milestone9# k get node -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
minikube Ready control-plane,master 4d23h v1.22.2 192.168.49.2 <none> Ubuntu 20.04.2 LTS 5.4.72-microsoft-standard-WSL2 docker://20.10.8
When I SSH into Minikube and try to curl my output from admin-service, I get the full page:
docker#minikube:~$ curl http://192.168.49.2:30007
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
..........................................................
But when I curl from outside the cluster, I am unable to get the output:
root#DESKTOP-RNQPOG3:/mnt/d/Coding/milestone9/Milestone9# curl http://192.168.49.2:30007
curl: (28) Failed to connect to 192.168.49.2 port 30007: Connection timed out
This is how my policies look. I have tried to open up all internal and external traffic:
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-all-ingress
spec:
podSelector: {}
ingress:
- {}
policyTypes:
- Ingress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-all-egress
spec:
podSelector: {}
egress:
- {}
policyTypes:
- Egress
Any pointers on how I can sort this would be appreciated!
Edit:
I can see that the service is available out of the cluster when I do this:
root#DESKTOP-RNQPOG3:/mnt/d/Coding/milestone9/Milestone9# minikube service admin-service --url
🏃 Starting tunnel for service admin-service.
|-----------|---------------|-------------|------------------------|
| NAMESPACE | NAME | TARGET PORT | URL |
|-----------|---------------|-------------|------------------------|
| default | admin-service | | http://127.0.0.1:42963 |
|-----------|---------------|-------------|------------------------|
However I need to know if this is a Minikube restriction. Kindly do explain if possible.

My app is not accessible, is my service definition wrong? [duplicate]

In minikube, how to expose a service using nodeport ?
For example, I start a kubernetes cluster using the following command and create and expose a port like this:
$ minikube start
$ kubectl run hello-minikube --image=gcr.io/google_containers/echoserver:1.4 --port=8080
$ kubectl expose deployment hello-minikube --type=NodePort
$ curl $(minikube service hello-minikube --url)
CLIENT VALUES:
client_address=192.168.99.1
command=GET
real path=/ ....
Now how to access the exposed service from the host? I guess the minikube node needs to be configured to expose this port as well.
I am not exactly sure what you are asking as it seems you already know about the minikube service <SERVICE_NAME> --url command which will give you a url where you can access the service. In order to open the exposed service, the minikube service <SERVICE_NAME> command can be used:
$ kubectl run hello-minikube --image=gcr.io/google_containers/echoserver:1.4 --port=8080
deployment "hello-minikube" created
$ kubectl expose deployment hello-minikube --type=NodePort
service "hello-minikube" exposed
$ kubectl get svc
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hello-minikube 10.0.0.102 <nodes> 8080/TCP 7s
kubernetes 10.0.0.1 <none> 443/TCP 13m
$ minikube service hello-minikube
Opening kubernetes service default/hello-minikube in default browser...
This command will open the specified service in your default browser.
There is also a --url option for printing the url of the service which is what gets opened in the browser:
$ minikube service hello-minikube --url
http://192.168.99.100:31167
As minikube is exposing access via nodeIP:nodePort and not on localhost:nodePort, you can get this working by using kubectl's port forwarding capability. For example, if you are running mongodb service:
kubectl port-forward svc/mongo 27017:27017
This would expose the service on localhost:27017, FWIW. Furthermore, you might want to figure out how to run this in background.
minikube runs on something like 192.168.99.100. So you should be able to access it on the NodePort you exposed your service at. For eg, say your NodePort is 30080, then your service will be accessible as 192.168.99.100:30080.
To get the minikube ip, run the command minikube ip.
Update Sep 14 2017:
Here's a small example that works with minikube v0.16.0.
1) Run the commands below to create an nginx running on 8080 and a NodePort svc forwarding to it:
$ kubectl run hello-minikube --image=gcr.io/google_containers/echoserver:1.4 --port=8080
deployment "hello-minikube" created
$ kubectl expose deployment hello-minikube --type=NodePort
service "hello-minikube" exposed
2) Find the nodeport used by the svc:
$ kubectl get svc hello-minikube
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hello-minikube 10.0.0.76 <nodes> 8080:30341/TCP 4m
3) Find the minikube ip:
$ minikube ip
192.168.99.100
4) Talk to it with curl:
$ curl 192.168.99.100:30341
CLIENT VALUES:
client_address=172.17.0.1
command=GET
real path=/
...
I ran into a similar issue in 2022. Here are the commands I ran:
kubectl create deployment deploymentName --image=dockerHubUsername/imageTag:imageVersion
kubectl expose deployment deploymentName --type=LoadBalancer --port=8080
minikube tunnel
kubectl get services deploymentName this provides the external ip address needed to access the application. I access the app with 127.0.0.1:8080
Source
Just a note for anyone looking for connection refused answers: If your minikube does not run on "something like 192.168.99.100" you probably runned with another vm-driver like "none". In that case delete your minikube cluster and rebuild using the default. it 'll work....ish... I do not seem to be able to get the tunnel working...

Where do I find the host IP address for an app deployed in minikube

I'm deploying a spring boot app in minikube that connects to a database running on the host. Where do I find the IP address that the app can use to get back to the host? For docker I can use ifconfig and get the IP address from the docker0 entry. ifconfig shows another device with IP address 172.18.0.1. Would that be how my app would get back to the host?
I think I understood you correctly and this is what you are asking for.
Minikube is started as a VM on your machine. You need to know the IP which Minikube starts with. This can be done with minikube status or minikube ip, output might look like:
$ minikube status
minikube: Running
cluster: Running
kubectl: Correctly Configured: pointing to minikube-vm at 192.168.99.1
This will only provide you the IP address of Minikube not your application.
In order to connect to your app from outside the Minikube you need to expose it as a Service.
Example of a Service might look like this:
apiVersion: v1
kind: Service
metadata:
name: webapp
spec:
type: NodePort
ports:
- nodePort: 31317
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: webapp
You can see results:
$ kubectl get services -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
postgres ClusterIP 10.0.0.140 <none> 5432/TCP 32m app=postgres
webapp NodePort 10.0.0.235 <none> 8080:31317/TCP 2s app=webapp
You will be able to connect to the webapp from inside the Cluster using 10.0.0.235:8080 of from outside the Cluster using Minikube IP and port 31317.
I also recommend going through Hello Minikube tutorial.
It was the 172.18.0.1 IP address. I passed it to the Spring app running in minikube with a configmap like this:
kubectl create configmap springdatasourceurl --from-literal=SPRING_DATASOURCE_URL=jdbc:postgresql://172.18.0.1:5432/bookservice
The app also needed SPRING_DATASOURCE_DRIVER_CLASS_NAME to be set in a configmap and that credentials SPRING_DATASOURCE_PASSWORD and SPRING_DATASOURCE_USERNAME be set as secrets.
More information on configmap and secret are here.

Expose port in minikube

In minikube, how to expose a service using nodeport ?
For example, I start a kubernetes cluster using the following command and create and expose a port like this:
$ minikube start
$ kubectl run hello-minikube --image=gcr.io/google_containers/echoserver:1.4 --port=8080
$ kubectl expose deployment hello-minikube --type=NodePort
$ curl $(minikube service hello-minikube --url)
CLIENT VALUES:
client_address=192.168.99.1
command=GET
real path=/ ....
Now how to access the exposed service from the host? I guess the minikube node needs to be configured to expose this port as well.
I am not exactly sure what you are asking as it seems you already know about the minikube service <SERVICE_NAME> --url command which will give you a url where you can access the service. In order to open the exposed service, the minikube service <SERVICE_NAME> command can be used:
$ kubectl run hello-minikube --image=gcr.io/google_containers/echoserver:1.4 --port=8080
deployment "hello-minikube" created
$ kubectl expose deployment hello-minikube --type=NodePort
service "hello-minikube" exposed
$ kubectl get svc
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hello-minikube 10.0.0.102 <nodes> 8080/TCP 7s
kubernetes 10.0.0.1 <none> 443/TCP 13m
$ minikube service hello-minikube
Opening kubernetes service default/hello-minikube in default browser...
This command will open the specified service in your default browser.
There is also a --url option for printing the url of the service which is what gets opened in the browser:
$ minikube service hello-minikube --url
http://192.168.99.100:31167
As minikube is exposing access via nodeIP:nodePort and not on localhost:nodePort, you can get this working by using kubectl's port forwarding capability. For example, if you are running mongodb service:
kubectl port-forward svc/mongo 27017:27017
This would expose the service on localhost:27017, FWIW. Furthermore, you might want to figure out how to run this in background.
minikube runs on something like 192.168.99.100. So you should be able to access it on the NodePort you exposed your service at. For eg, say your NodePort is 30080, then your service will be accessible as 192.168.99.100:30080.
To get the minikube ip, run the command minikube ip.
Update Sep 14 2017:
Here's a small example that works with minikube v0.16.0.
1) Run the commands below to create an nginx running on 8080 and a NodePort svc forwarding to it:
$ kubectl run hello-minikube --image=gcr.io/google_containers/echoserver:1.4 --port=8080
deployment "hello-minikube" created
$ kubectl expose deployment hello-minikube --type=NodePort
service "hello-minikube" exposed
2) Find the nodeport used by the svc:
$ kubectl get svc hello-minikube
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hello-minikube 10.0.0.76 <nodes> 8080:30341/TCP 4m
3) Find the minikube ip:
$ minikube ip
192.168.99.100
4) Talk to it with curl:
$ curl 192.168.99.100:30341
CLIENT VALUES:
client_address=172.17.0.1
command=GET
real path=/
...
I ran into a similar issue in 2022. Here are the commands I ran:
kubectl create deployment deploymentName --image=dockerHubUsername/imageTag:imageVersion
kubectl expose deployment deploymentName --type=LoadBalancer --port=8080
minikube tunnel
kubectl get services deploymentName this provides the external ip address needed to access the application. I access the app with 127.0.0.1:8080
Source
Just a note for anyone looking for connection refused answers: If your minikube does not run on "something like 192.168.99.100" you probably runned with another vm-driver like "none". In that case delete your minikube cluster and rebuild using the default. it 'll work....ish... I do not seem to be able to get the tunnel working...

Error while running kubectl commands

I have recently installed minikube and kubectl. However when I run kubectl get pods or any other command related to kubectl I get the error
Unable to connect to the server: unexpected EOF
Does anyone know how to fix this?I am using Ubuntu server 16.04.Thanks in advance.
The following steps can be used for further debugging.
Check the minikube local cluster status using minikube status command.
$: minikube status
minikube: Running
cluster: Running
kubectl: Correctly Configured: pointing to minikube-vm at 172.0.x.y
If problem with kubectl configuratuion,then configure it using, kubectl config use-context minikube command.
$: kubectl config use-context minikube
Switched to context "minikube".
Check the cluster status, using kubectl cluster-info command.
$: kubectl cluster-info
Kubernetes master is running at ...
Heapster is running at ...
KubeDNS is running at ...
...
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
Note: It can even be due to very simple reason: internet speed (it happend to me just now).
I have same problem too. I solved after change the server addr to localhost
apiVersion: v1
clusters:
- cluster:
certificate-authority: /var/lib/minikube/certs/ca.crt
server: https://localhost:8443 # check it
name: m01
...
users:
- name: m01
user:
client-certificate: /var/lib/minikube/certs/apiserver.crt
client-key: /var/lib/minikube/certs/apiserver.key
I think your kubernetes master is not setup properly. You can check that by checking the following services in master node are in active state and running.
etcd2.service
kube-apiserver.service Kubernetes API Server
kube-controller-manager.service Kubernetes Controller Manager
kube-scheduler.service Kubernetes Scheduler