Kubernetes多端口服务：无法从客户端pod连接到XDB中的graphite端口_Kubernetes_Influxdb_Graphite_Tcpdump_Flannel

Kubernetes多端口服务：无法从客户端pod连接到XDB中的graphite端口

kubernetes influxdb

Kubernetes多端口服务：无法从客户端pod连接到XDB中的graphite端口,kubernetes,influxdb,graphite,tcpdump,flannel,Kubernetes,Influxdb,Graphite,Tcpdump,Flannel,我在kubernetes集群中运行了一个XDB服务，它公开了以下两个端口 --- apiVersion: v1 kind: Service metadata: labels: task: influxdb name: influxdb namespace: my-namespace spec: type: NodePort ports: - port: 8086 name: influxdb-port targetPort: 8086 no

我在kubernetes集群中运行了一个XDB服务，它公开了以下两个端口

---
apiVersion: v1
kind: Service
metadata:
  labels:
    task: influxdb
  name: influxdb
  namespace: my-namespace
spec:
  type: NodePort
  ports:
  - port: 8086
    name: influxdb-port
    targetPort: 8086
    nodePort: 30101
  - port: 2003
    name: graphite-port
    targetPort: 2003
    nodePort: 30103
  selector:
    k8s-app: influxdb

我还在influxdb.conf中启用了graphite，如下所示

   [[graphite]]
      enabled = true
      bind-address = ":2003"
      protocol = "tcp"

当我在集群中部署此服务时，我能够从k8s集群外部以及任何k8s节点写入graphite数据库端口

  echo "local.random.diceroll 4 `date +%s`" | nc -v 10.233.26.252 2003
  Ncat: Version 7.50 ( https://nmap.org/ncat )
  Ncat: Connected to 10.233.26.252:2003.
  Ncat: 35 bytes sent, 0 bytes received in 0.01 seconds.

但是，如果我从同一命名空间中运行的客户机pod运行相同的命令，则该命令将挂起。从同一个客户端pod中，我能够毫无问题地编写XDB端口

以下是从客户端pod发送到graphite端口2003的nc命令的tcpdump跟踪

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
03:02:17.133367  In b2:7c:b9:93:b8:9c ethertype IPv4 (0x0800), length 76: 10.233.102.131.60272 > 10.233.26.252.cfinger: Flags [S], seq 3653742255, win 29200, options [mss 1460,sackOK,TS val 629141248 ecr 0,nop,wscale 7], length 0
03:02:17.133414 Out ethertype IPv4 (0x0800), length 76: 10.233.102.131.60272 > 10.233.71.26.cfinger: Flags [S], seq 3653742255, win 29200, options [mss 1460,sackOK,TS val 629141248 ecr 0,nop,wscale 7], length 0
03:02:17.133783  In ethertype IPv4 (0x0800), length 76: 10.233.71.26.cfinger > 10.233.102.131.60272: Flags [S.], seq 4245034624, ack 3653742256, win 28960, options [mss 1460,sackOK,TS val 629140002 ecr 629141248,nop,wscale 7], length 0
03:02:17.133791 Out ee:ee:ee:ee:ee:ee ethertype IPv4 (0x0800), length 76: 10.233.26.252.cfinger > 10.233.102.131.60272: Flags [S.], seq 4245034624, ack 3653742256, win 28960, options [mss 1460,sackOK,TS val 629140002 ecr 629141248,nop,wscale 7], length 0
03:02:17.133805  In b2:7c:b9:93:b8:9c ethertype IPv4 (0x0800), length 68: 10.233.102.131.60272 > 10.233.26.252.cfinger: Flags [.], ack 1, win 229, options [nop,nop,TS val 629141248 ecr 629140002], length 0
03:02:17.133809 Out ethertype IPv4 (0x0800), length 68: 10.233.102.131.60272 > 10.233.71.26.cfinger: Flags [.], ack 1, win 229, options [nop,nop,TS val 629141248 ecr 629140002], length 0
03:02:17.134036  In b2:7c:b9:93:b8:9c ethertype IPv4 (0x0800), length 103: 10.233.102.131.60272 > 10.233.26.252.cfinger: Flags [P.], seq 1:36, ack 1, win 229, options [nop,nop,TS val 629141249 ecr 629140002], length 35
03:02:17.134049 Out ethertype IPv4 (0x0800), length 103: 10.233.102.131.60272 > 10.233.71.26.cfinger: Flags [P.], seq 1:36, ack 1, win 229, options [nop,nop,TS val 629141249 ecr 629140002], length 35
03:02:17.134235  In ethertype IPv4 (0x0800), length 68: 10.233.71.26.cfinger > 10.233.102.131.60272: Flags [.], ack 36, win 227, options [nop,nop,TS val 629140002 ecr 629141249], length 0
03:02:17.134258 Out ee:ee:ee:ee:ee:ee ethertype IPv4 (0x0800), length 68: 10.233.26.252.cfinger > 10.233.102.131.60272: Flags [.], ack 36, win 227, options [nop,nop,TS val 629140002 ecr 629141249], length 0
^C
10 packets captured
10 packets received by filter

我不得不使用-q0选项而不是-v。-q0选项确保在发送数据后关闭netcat连接