1

Hi I am trying to expose 5 ports for an Informix Container which is within a statefulSet. It has a headless service attached, to allow other internal stateless sets communicate with it internally.

I can ping the headless service informix-set-service from my informix-0 pod and other pods however when I try nmap -p 9088 informix-set-service the port is listed as closed. I am assuming this is because my yaml is wrong but I can't for the life find out where it's wrong.

It appears that the headless service is indeed attached and pointing at the correct stateful-set and within the minikube dashboard everything looks and appears to be correct.

Service minikube dash screenshot

informix@informix-0:/$ nmap -p 9088 informix-set-service

Starting Nmap 6.47 ( http://nmap.org ) at 2019-08-20 03:50 UTC
Nmap scan report for informix-set-service (172.17.0.7)
Host is up (0.00011s latency).
rDNS record for 172.17.0.7: informix-0.informix.default.svc.cluster.local
PORT     STATE  SERVICE
9088/tcp closed unknown

Nmap done: 1 IP address (1 host up) scanned in 0.03 seconds
informix@informix-0:/$ nmap -p 9088 localhost

Starting Nmap 6.47 ( http://nmap.org ) at 2019-08-20 03:50 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00026s latency).
Other addresses for localhost (not scanned): 127.0.0.1
PORT     STATE SERVICE
9088/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

Anyone got any ideas?

Deployment yaml snippet:

###############################################################################
# Informix Container
###############################################################################
#
# Headless service for Informix container StatefulSet.
# Headless service with clusterIP set to NULL
# create DNS records for Informix container hosts.
#
apiVersion: v1
kind: Service
metadata:
  name: informix-set-service
  labels:
    component: informix-set-service
    provider: IBM
spec:
  clusterIP: None
  ports:
  - port: 9088
    name: informix
  - port: 9089
    name: informix-dr
  - port: 27017
    name: mongo
  - port: 27018
    name: rest
  - port: 27883
    name: mqtt
  selector:
    component: informix-set-service
---
#
# Service for Informix container StatefulSet service.
# This is used as an external entry point for 
# the ingress controller.
#
apiVersion: v1
kind: Service
metadata:
  name: informix-service
  labels:
    component: informix-service
    provider: 4js
spec:
  ports:
  - port: 9088
    name: informix
  - port: 9089
    name: informix-dr
  - port: 27017
    name: mongo
  - port: 27018
    name: rest
  - port: 27883
    name: mqtt
  selector:
    component: informix-set-service
---
#
# StatefulSet for Informix cluster.
# StatefulSet sets predictible hostnames,and external storage is bound
# to the pods within StateFulSets for the life.
# Replica count configures number of Informix Server containers.
#
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: informix
  labels:
    app: informix
    component: db
    release: "12.10"
    provider: IBM
spec:
  serviceName: informix
  #replicas: 2 #keep it simple for now...
  selector:
    matchLabels:
      component: informix-set-service
  template:
    metadata:
      labels:
        component: informix-set-service
    spec:
      containers:
      - name: informix
        image: ibmcom/informix-innovator-c:12.10.FC12W1IE
        tty: true
        securityContext:
          privileged: true
        env:
        - name: LICENSE
          value: "accept"
        - name: DBDATE
          value: "DMY4"
        - name: SIZE
          value: "custom"
        - name: DB_USER
          value: "db_root" 
        - name: DB_NAME
          value: "db_main"
        - name: DB_PASS
          value: "db_pass123"
        ports:
        - containerPort: 9088
          name: informix
        - containerPort: 9089
          name: informix-dr
        - containerPort: 27017
          name: mongo
        - containerPort: 27018
          name: rest
        - containerPort: 27883
          name: mqtt
        volumeMounts:
        - name: data
          mountPath: /opt/ibm/data
        - name: bind-dir-mnt
          mountPath: /mnt
        - name: bind-patch-informix-setup-sqlhosts
          mountPath: /opt/ibm/scripts/informix_setup_sqlhosts.sh
        - name: bind-file-dbexport
          mountPath: /opt/ibm/informix/bin/dbexport
        - name: bind-file-dbimport
          mountPath: /opt/ibm/informix/bin/dbimport
        - name: bind-file-ontape
          mountPath: /opt/ibm/informix/bin/ontape
        - name: bind-file-informix-config
          mountPath: /opt/ibm/data/informix_config.custom
        - name: bind-file-sqlhosts
          mountPath: /opt/ibm/data/sqlhosts
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: ifx-data
      - name: bind-dir-mnt
        hostPath:
          path: <PROJECTDIR>/resources/informix
          type: DirectoryOrCreate
      - name: bind-patch-informix-setup-sqlhosts
        hostPath:
          path: <PROJECTDIR>/containers/informix/resources/scripts/informix_setup_sqlhosts.sh
          type: File
      - name: bind-file-dbexport
        hostPath:
          path: <PROJECTDIR>/containers/informix/resources/bin/dbexport
          type: File
      - name: bind-file-dbimport
        hostPath:
          path: <PROJECTDIR>/containers/informix/resources/bin/dbimport
          type: File
      - name: bind-file-ontape
        hostPath:
          path: <PROJECTDIR>/containers/informix/resources/bin/ontape
          type: File
      - name: bind-file-informix-config
        hostPath:
          path: <PROJECTDIR>/containers/informix/resources/informix_config.custom
          type: File
      - name: bind-file-sqlhosts
        hostPath:
          path: <PROJECTDIR>/containers/informix/resources/sqlhosts.k8s
          type: File
---

Edit 1: (added output of ss -lnt)

informix@informix-0:/$ ss -lnt
State       Recv-Q Send-Q              Local Address:Port                Peer Address:Port
LISTEN      0      0                       127.0.0.1:9088                           *:*
LISTEN      0      0                       127.0.0.1:9089                           *:*
LISTEN      0      0                      172.17.0.7:27017                          *:*
LISTEN      0      0                      172.17.0.7:27018                          *:*
LISTEN      0      0                      172.17.0.7:27883                          *:*
LISTEN      0      0                               *:22                             *:*
LISTEN      0      0                              :::22                            :::*
4

1 回答 1

1

From the ss output, you are listening on 127.0.0.1, rather than all interfaces:

informix@informix-0:/$ ss -lnt
State       Recv-Q Send-Q              Local Address:Port                Peer Address:Port
LISTEN      0      0                       127.0.0.1:9088                           *:*
LISTEN      0      0                       127.0.0.1:9089                           *:*

You need to adjust your application configuration to listen on something like 0.0.0.0 to enable it to be accessed from outside of the pod.

于 2019-08-20T16:44:34.320 回答