38

DNS resolution looks fine, but I cannot ping my service. What could be the reason?

From another pod in the cluster:

$ ping backend
PING backend.default.svc.cluster.local (10.233.14.157) 56(84) bytes of data.


^C
--- backend.default.svc.cluster.local ping statistics ---
36 packets transmitted, 0 received, 100% packet loss, time 35816ms

EDIT:

The service definition:

apiVersion: v1
kind: Service
metadata:
  labels:
    app: backend
  name: backend
spec:
  ports:
  - name: api
    protocol: TCP
    port: 10000
  selector:
    app: backend

The deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: backend
  labels:
    app: backend
spec:
  replicas: 1
  selector:
    matchLabels:
      run: backend
  replicas: 1
  template:
    metadata:
      labels:
        run: backend
    spec:
      containers:
      - name: backend
        image: nha/backend:latest
        imagePullPolicy: Always
        ports:
        - name: api
          containerPort: 10000

I can curl my service from the same container:

kubectl exec -it backend-7f67c8cbd8-mf894 -- /bin/bash
root@backend-7f67c8cbd8-mf894:/# curl localhost:10000/my-endpoint
{"ok": "true"}

It looks like the endpoint on port 10000 does not get exposed though:

 kubectl get ep
NAME         ENDPOINTS                                                       AGE
backend      <none>                                                          2h
nha
  • 17,623
  • 13
  • 87
  • 133
  • Possible duplicate of [kubernetes service IPs not reachable](https://stackoverflow.com/questions/42705432/kubernetes-service-ips-not-reachable) – Janos Lenart Jun 14 '18 at 08:40

2 Answers2

51

Ping doesn't work with service's cluster IPs like 10.233.14.157, as it is a virtual IP. You should be able to ping a specific pod, but no a service.

Ignacio Millán
  • 7,480
  • 1
  • 25
  • 28
  • That would make sense - how do I ping one specific pod then? – nha Jun 14 '18 at 08:41
  • 1
    Just use `kubectl get pod` to list all pods, and then `kubectl describe pod ` to see all info about it. There is a field called IP. – Ignacio Millán Jun 14 '18 at 08:43
  • 1
    @nha `kubectl get pod -owide -n xxx` and you'll see `IP`. – wineinlib Jun 14 '18 at 09:15
  • 4
    Shouldn't you be able to ping/access a pod *through service*? Isn't that the point of services; that I don't need to get the IP address of individual containers anymore? – stefanbschneider Feb 15 '19 at 14:13
  • 5
    That is true for TCP or UDP traffic, but not for ICMP which is used when you run ping. If you wanna test a connection to a service, use netcat to generate TCP or UDP traffic. – Ignacio Millán Feb 22 '19 at 10:06
  • `Just use kubectl get pod to list all pods, and then kubectl describe pod to see all info about it. There is a field called IP` This is not a good answer. You'd need to have kubectl installed on all your pods. – Tyguy7 Oct 15 '19 at 21:53
14

You can't ping a service. You can curl it.

suren
  • 7,817
  • 1
  • 30
  • 51
  • I first tried `curl` and it wasn't working, so I though I would then use `ping` to see if it was reachable. – nha Jun 14 '18 at 10:02
  • 1
    You can't ping a service. You can use `curl` or `wget`. For example `wget -O- 10.152.183.210:80` . I prefer `wget` because it is usually available in small images such as `busybox` – Gerassimos Mitropoulos May 08 '20 at 06:57