Public IP not reachable and connection timeout

Question

We are using a new AKS cluster with only one deployment. That deployment runs only one pod and exposes a .NET core 3.1 application that uses two ports: one for public access and one for private access. To access the public port I created service of type loadbalancer that exposes the public port. After doing this I can see that a public IP is assigned to the service when I do kubectl get services but when I try to reach the IP of the service by entering it in a browser or by using it within POSTMAN to execute a get request I cannot connect and the site is not reachable.

Answer 1

To narrow down the cause, you can start with confirming whether the service is accessible from:

-Pod IP
-ClusterIP of the service, inside the cluster
-and then test the load balancer.

You can also test the connectivity from a curl command ideally from a host machine inside the same vnet where the AKS is created.
For example, "curl EXTERNAL-IP:8080"

They you would need to look at allowing traffic access from the internet in the NSG applied to the vnet/subnet for aks.

Let me know your observations and I can help troubleshoot further.

Answer 2

We had a similar issue which happened after we re-installled the ingress which changed the external IP address. When this happens the old IP address still remains in the kube-proxy somehow.

So, deleting the kube-proxy pods on all the nodes restarted the kube-proxy and our issue was resolved.

Answer 3

I have Kubernetes configured with nginx controller .

I can access my services by logging onto pod container and doing curl for ingress controller IP address.

So all works fine as expected from inside the AKS subnet.

However, I am not able to access same from IP Address of ingress controller from browser.

Looks like traffic is getting blocked and not reaching public ip address of ingress.

NSG is open for AKS subnet. Anything else which we can check.