
kubernetes - unable to expose Prometheus using NodePort


I have Prometheus installed on GCP, and I'm able to do a port-forward and access the Prometheus UI.

Prometheus Pods, Events on GCP :

Karans-MacBook-Pro:prometheus-yamls karanalang$ kc get pods -n monitoring -o wide
NAME                                   READY   STATUS       RESTARTS   AGE     IP           NODE                                                NOMINATED NODE   READINESS GATES
grafana-5ccfb68647-8fjrz               0/1     Terminated   0          28h     <none>       gke-strimzi-prometheus-default-pool-38ca804d-nfvm   <none>           <none>
grafana-5ccfb68647-h7vbr               1/1     Running      0          5h24m   10.76.0.9    gke-strimzi-prometheus-default-pool-38ca804d-zzl9   <none>           <none>
prometheus-operator-85d84bb848-hw6d5   1/1     Running      0          5h24m   10.76.0.4    gke-strimzi-prometheus-default-pool-38ca804d-zzl9   <none>           <none>
prometheus-operator-85d84bb848-znjs6   0/1     Terminated   0          28h     <none>       gke-strimzi-prometheus-default-pool-38ca804d-nfvm   <none>           <none>
prometheus-prometheus-0                2/2     Running      0          5h24m   10.76.0.10   gke-strimzi-prometheus-default-pool-38ca804d-zzl9   <none>           <none>
prometheus-prometheus-1                2/2     Running      0          5h24m   10.76.0.7    gke-strimzi-prometheus-default-pool-38ca804d-zzl9   <none>           <none>
prometheus-prometheus-2                2/2     Running      0          5h24m   10.76.0.11   gke-strimzi-prometheus-default-pool-38ca804d-zzl9   <none>           <none>


Karans-MacBook-Pro:prometheus-yamls karanalang$ kc get endpoints -n monitoring
NAME                  ENDPOINTS                                        AGE
grafana               10.76.0.9:3000                                   28h
grafana-lb            10.76.0.9:3000                                   54m
prometheus-lb         10.76.0.10:9090,10.76.0.11:9090,10.76.0.7:9090   155m
prometheus-nodeport   10.76.0.10:9090,10.76.0.11:9090,10.76.0.7:9090   149m
prometheus-operated   10.76.0.10:9090,10.76.0.11:9090,10.76.0.7:9090   28h
prometheus-operator   10.76.0.4:8080                                   29h

I've created a NodePort (port 30900), and also created a firewall allowing ingress to port 30900.

Karans-MacBook-Pro:prometheus-yamls karanalang$ kc get svc -n monitoring | grep prometheus-nodeport
prometheus-nodeport   NodePort       10.80.7.195   <none>           9090:30900/TCP   146m

However, when I try to access it using http://<node_ip>:30900, the URL is not accessible. Also, telnet to the host/port is not working.

Karans-MacBook-Pro:prometheus-yamls karanalang$ telnet 10.76.0.11 30900
Trying 10.76.0.11...


Karans-MacBook-Pro:prometheus-yamls karanalang$ ping 10.76.0.7
PING 10.76.0.7 (10.76.0.7): 56 data bytes
Request timeout for icmp_seq 0

Here is the yaml used to create the NodePort (in monitoring namespace)

apiVersion: v1
kind: Service
metadata:
  name: prometheus-nodeport
spec:
  type: NodePort
  ports:
  - name: web
    nodePort: 30900
    port: 9090
    protocol: TCP
    targetPort: 9090
  selector:
    prometheus: prometheus

Any ideas on what the issue is? How do I debug/resolve this?


Solution

  • Karans-MacBook-Pro:prometheus-yamls karanalang$ telnet 10.76.0.11 30900
    Trying 10.76.0.11...

    Karans-MacBook-Pro:prometheus-yamls karanalang$ ping 10.76.0.7
    PING 10.76.0.7 (10.76.0.7): 56 data bytes

    The IPs that you used above appear to be in the Pod CIDR range, judging from the Endpoints result in the question. These are not the worker node IPs, which means you need to first check whether you can reach any of the worker nodes over the network you are on now (home? VPN? internet?), and whether the worker node already has the correct port (30900) opened.
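The check described in the answer, as an added example that is not part of the original post: it takes `kubectl get nodes -o json` output, tells whether an address is a pod IP or a node address, and lists the addresses a NodePort is actually served on. The podCIDR and node addresses in the sample are assumed placeholders, and `classify` and `nodeport_targets` are hypothetical helper names.

```python
import ipaddress
import json

# Constructed sample shaped like `kubectl get nodes -o json`. The node name is
# from the question; the podCIDR and node addresses are assumed placeholders.
NODES_JSON = """
{"items": [{
  "metadata": {"name": "gke-strimzi-prometheus-default-pool-38ca804d-zzl9"},
  "spec": {"podCIDR": "10.76.0.0/24"},
  "status": {"addresses": [
    {"type": "InternalIP", "address": "10.128.0.5"},
    {"type": "ExternalIP", "address": "203.0.113.10"},
    {"type": "Hostname", "address": "gke-strimzi-prometheus-default-pool-38ca804d-zzl9"}
  ]}
}]}
"""
NODES = json.loads(NODES_JSON)
NODE_ADDR_TYPES = ("InternalIP", "ExternalIP")


def classify(target, nodes):
    """Return (kind, node_name): a node address type, 'PodIP', or 'Unknown'."""
    ip = ipaddress.ip_address(target)
    for node in nodes["items"]:
        name = node["metadata"]["name"]
        # Node addresses are where kube-proxy answers on the nodePort.
        for addr in node.get("status", {}).get("addresses", []):
            if addr["type"] in NODE_ADDR_TYPES and ipaddress.ip_address(addr["address"]) == ip:
                return addr["type"], name
        # An address inside the node's pod range is a pod IP, not a node IP.
        cidr = node.get("spec", {}).get("podCIDR")
        if cidr and ip in ipaddress.ip_network(cidr):
            return "PodIP", name
    return "Unknown", None


def nodeport_targets(nodes, node_port):
    """List (address_type, 'ip:port') pairs that a NodePort Service listens on."""
    return [
        (addr["type"], f'{addr["address"]}:{node_port}')
        for node in nodes["items"]
        for addr in node.get("status", {}).get("addresses", [])
        if addr["type"] in NODE_ADDR_TYPES
    ]


if __name__ == "__main__":
    for ip in ("10.76.0.11", "10.76.0.7", "203.0.113.10"):
        print(ip, "->", classify(ip, NODES))
    print(nodeport_targets(NODES, 30900))
```

An InternalIP target only answers from inside the VPC or over a VPN, which ties back to the answer's question about which network you are connecting from.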