I'm following the Multi-DC Consul on Kubernetes to implement the example. Everything works perfectly fine during the configuration. After the configuration, the `consul members` output of the two data centers is as below:

Amsterdam:

```
Node                                Address           Status  Type    Build  Protocol  DC   Segment
consul-0                            10.20.2.6:8301    alive   server  1.2.1  2         ams  <all>
consul-1                            10.20.0.5:8301    alive   server  1.2.1  2         ams  <all>
consul-2                            10.20.1.11:8301   alive   server  1.2.1  2         ams  <all>
gke-ams-default-pool-a85b4aae-1gtl  10.154.0.14:8301  alive   client  1.2.1  2         ams  <default>
gke-ams-default-pool-a85b4aae-kktf  10.154.0.15:8301  alive   client  1.2.1  2         ams  <default>
gke-ams-default-pool-a85b4aae-m4dj  10.154.0.16:8301  alive   client  1.2.1  2         ams  <default>
```

London:

```
Node                                   Address           Status  Type    Build  Protocol  DC      Segment
consul-0                               10.28.1.8:8301    alive   server  1.2.1  2         london  <all>
consul-1                               10.28.0.9:8301    alive   server  1.2.1  2         london  <all>
consul-2                               10.28.2.14:8301   alive   server  1.2.1  2         london  <all>
gke-london-default-pool-1ea5feef-0t50  10.164.0.22:8301  alive   client  1.2.1  2         london  <default>
gke-london-default-pool-1ea5feef-329g  10.164.0.21:8301  alive   client  1.2.1  2         london  <default>
gke-london-default-pool-1ea5feef-z62n  10.164.0.20:8301  alive   client  1.2.1  2         london  <default>
```

Then I tried to join services in Amsterdam from London and ran `consul join -wan 10.20.2.6`. After a while, I got the error:

```
Error joining address '10.20.2.6': Unexpected response code: 500 (1 error(s) occurred:

* Failed to join 10.20.2.6: dial tcp 10.20.2.6:8302: i/o timeout)
Failed to join any nodes.
```

What could be the possible reason for this error?

Coding_Rabbit
  • Were you able to reach (ping/discover) from one DC to another? – Dinesh Balasubramanian Mar 15 '19 at 03:24
  • No response when I ping another dc from one. – Coding_Rabbit Mar 15 '19 at 09:01
  • Looks like those IPs are `private ips` in that DC. You might want to do some tunneling to make it reachable. Or you have to expose it on a public IP and use that. – Dinesh Balasubramanian Mar 15 '19 at 10:41
  • Did you create a VPN or VPC peering between the two locations? The blog you linked doesn't show this; it assumes you have a working network connection between the DCs. This is an excerpt from the blog: `I have assumed that networking “just works” between these 2 regions for you. You can make this work however you like, depending on your own configuration, whether it’s VPC peering or a VPN.` – bagljas Mar 18 '19 at 20:32
  • @baglijas. Thanks! I just found Google Cloud Platform provides the external IP of each VM instance. It still doesn't work even when I used the external IP but I can ping the external IP address successfully. – Coding_Rabbit Mar 20 '19 at 21:08
  • @Coding_Rabbit make sure you open port `8302` as well. I haven't used GCP but this might help: https://stackoverflow.com/a/21068402/7109330 Consul uses `tcp` port `8302` for WAN communication. To test if your port is open use `telnet <host> 8302`. If possible, limit the firewall rule so only your datacenters communicate, and you don't end up with the port opened to the whole internet. – bagljas Mar 21 '19 at 14:56
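
An added example, not part of the original question or comments: a small Python check that extracts the failing `IP:PORT` from the `consul join` error and classifies a TCP connect attempt, separating a dropped connection (the `i/o timeout` seen here) from a reachable host with no listener. The function names and hint texts are assumptions made for illustration.

```python
import ipaddress
import re
import socket

WAN_PORT = 8302  # Consul WAN port named in the comments above


def failed_targets(join_output):
    """Pull (ip, port) pairs out of the 'dial tcp IP:PORT' parts of a join error."""
    pairs = re.findall(r"dial tcp (\d{1,3}(?:\.\d{1,3}){3}):(\d+)", join_output)
    return [(ip, int(port)) for ip, port in pairs]


def probe(host, port=WAN_PORT, timeout=3.0):
    """Attempt one TCP connect and classify the outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except (socket.timeout, TimeoutError):
        return "timeout"      # packets dropped or no return path
    except ConnectionRefusedError:
        return "refused"      # host reachable, nothing listening on that port
    except OSError:
        return "unreachable"  # e.g. no route to host


def hint(host, state):
    """Map a probe result to the causes raised in the comments (wording is ours)."""
    # is_private covers RFC 1918 and other non-internet-routable ranges
    private = ipaddress.ip_address(host).is_private
    if state == "open":
        return "TCP path is fine; look at Consul itself"
    if state == "refused":
        return "host answers but nothing listens on the port; check what is exposed"
    if private:
        return "private address: needs VPC peering or a VPN between the DCs"
    return "public address: allow tcp/8302 in the firewall, limited to the peer DC"


if __name__ == "__main__":
    # Error text as quoted in the question.
    sample = "* Failed to join 10.20.2.6: dial tcp 10.20.2.6:8302: i/o timeout)"
    for ip, port in failed_targets(sample):
        state = probe(ip, port)
        print(f"{ip}:{port} -> {state}: {hint(ip, state)}")
```

Run it from a node in the joining datacenter, since the result depends on the network path from where the probe starts.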
