Score:0

Server

Communication between pods in different clusters

RedBluff

4/11/24, 7:47 AM

I have two clusters A (on-prem) and B (gke). Clusters are connected with VPN. There is a pod and NodePort-service on clusterA. I want to be able to talk with service/ClusterA from pod/ClusterB. VPN works fine. From Node/ClusterB I can successfully contact with service/ClusterA. Unfortunately from pod/ClusterB I can't connect with service/ClusterA. curl return: connect to port 30578 failed. As I said this work when running directly from Node/ClusterB

209

2 + 6

networking

kubernetes

Kranthiveer Dontineni

4/11/24, 9:10 AM

Is this the only url which you were not able to crul..? Can you check whether the vpn configuration is properly enabled for the pod network.. also give the output of telnet and traceroute commands from the pod.

RedBluff

4/11/24, 9:27 AM

1 10.236.0.1 (10.236.0.1) 0.009 ms 0.008 ms 0.007 ms 2 * * * traceroute shows only that traffic goes the default gateway and that's it

RedBluff

4/11/24, 9:40 AM

Services from the same cluster are accessible from pod so seems like all traffic outside is blocked. But as I said only from pod because I am able to communicate with ClusterA from Node/ClusterB.

Kranthiveer Dontineni

4/11/24, 11:07 AM

Changing and applying the network policies might help here follow this [tutorial](https://cloud.google.com/kubernetes-engine/docs/tutorials/network-policy) for applying network policies to your pod network in gke. Hope this might help you in resolving your issue.

RedBluff

4/11/24, 1:02 PM

I see that networkpolicy is disabled in GKE by default. I will turn it on and try to configure ingress/egress trafic.

Kranthiveer Dontineni

4/13/24, 4:31 AM

Is your issue resolved ping here if you need any further inputs...

Score:0

Server

RedBluff

4/13/24, 8:16 AM

Solution to my problem was provided here enter link description here

nonMasqueradeCIDRs for PODs IP range is required

+ 0

Score:0

Server

NastyaPetrenko

4/11/24, 9:23 AM

To connect from a pod in Cluster B to a NodePort service in Cluster A:

Ensure the Pod in Cluster B has network access to the service. Verify the Service is listening on the correct port. Check if there is a firewall blocking the traffic. Check if Kubernetes NetworkPolicy is blocking traffic. Verify the connectivity from Cluster A to B.

+ 1

RedBluff

4/11/24, 9:27 AM

Concectivity between clustes is OK. Service is listening on the correct port. I know that a Pod i ClusterB has no network access to the service. The question is way? The node under the pod has access to the service. So? How can I manipulate pod network? Also ClusterB is GKE cluster so no cni plugin is installed.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Communication between pods in different clusters

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.