Update:
What I am trying to achieve: I have the IP address of a cluster resource (10.1.239.128 in the examples below) and want to figure out to which POD/service/... it belongs.
I set up a Kuebernetes cluster using Microk8s running, among others, vault and cert-manager via Helm charts. In two of the PODs created for vault and cert-manager, I get multiple the following log entry:
> kubectl logs pod/cert-manager-webhook-6787f645b9-s5fxl
http: TLS handshake error from 10.1.239.128:37763: EOF
> kubectl logs pod/release-name-vault-0
http: TLS handshake error from 10.1.239.128:48609: remote error: tls: unknown certificate authority
I am struggling with finding out where these requests come from.
I tried:
kubectl get svc --all-namespaceskubectl get endpoints --all-namespaceskubectl get endpointslices --all-namespacesping -a 10.1.239.128 using from a POD created using netshootto figure out from where the requests are coming from, but to no luck. The ip address is not listed or resolved to a DNS name to further investigate.
Any further ideas of how to get the resource issuing the request or further debug this? Thanks in advance.
Here is a workaround, not the finest way of doing it, but it may help to get in the right direction:
kubectl api-resources -oname |while read r;
do
echo -n "$r ----> ";
kubectl get $r -A -o yaml |grep -oPz '\d+\.\d+\.\d+\.\d+';
echo "" ;
done
Assuming the IP, you are searching for is a cluster resource.