[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: accessing mysql from other pods



The service proxy does not respond to ICMP, which is why you aren't
seeing pings of the service IP work.  The service IP is a virtual IP
that the local host provides for abstraction if you have a normal
service.  If you have a "headless" service (with clusterIP: None)
you'll actually get a DNS record that points to 1 A record per pod
that the service fronts, and should be pingable, but you won't get
load balancing (you'll have to implement that yourself).

On Mon, Feb 15, 2016 at 2:33 PM, Candide Kemmler
<candide intrinsic world> wrote:
> That all makes sense. However I'm seeing a bit of weird behaviour that I'd like to share:
>
> Here's from my couchdb container terminal (the only one that has the 'ping' utility installed):
>
> # ping mysql
> PING mysql.test-demo.svc.cluster.local (172.30.143.100): 56 data bytes
> --- mysql.test-demo.svc.cluster.local ping statistics ---
> 5 packets transmitted, 0 packets received, 100% packet loss
> # ping mysql-test-demo.apps.example.world
> PING mysql-test-demo.apps.example.world (167.114.241.106): 56 data bytes
> 64 bytes from 167.114.241.106: icmp_seq=0 ttl=64 time=0.113 ms
> 64 bytes from 167.114.241.106: icmp_seq=1 ttl=64 time=0.120 ms
> --- mysql-test-demo.apps.example.world ping statistics ---
> 2 packets transmitted, 2 packets received, 0% packet loss
> round-trip min/avg/max/stddev = 0.113/0.116/0.120/0.000 ms
>
> i.e. if I ping mysql (the name of my db service), it looks like some dns service will expand that to the full mysql.test-demo.svc.cluster.local  URL but that address won't be reached. The dns-mapped address, however, does work as expected (ping succeeds)... What's probably wrong with my setup? How can I start to debug it?
>
> Cheers,
>
> Candide
>
>> On 15 Feb 2016, at 20:02, Clayton Coleman <ccoleman redhat com> wrote:
>>
>> App means whatever you want it to mean.  Project is a container for
>> your stuff, app could be a single micro service, a two tier web app, a
>> hundred services and DCs, etc.
>>
>> Everything in a project should be able to reach each other - however,
>> app code still needs to do something to "reach" the others.  That's
>> what the local DNS provides (each service is accessible via it's name
>> in each container, i.e. a service "db" is visible via "dig db" inside
>> of the container) and you can hit any of the ports you want.
>>
>> On Mon, Feb 15, 2016 at 1:51 PM, Candide Kemmler
>> <candide intrinsic world> wrote:
>>> Allright will do, thanks! One thing strikes me is that I have created
>>> deployment/build configs, services, persistent volume (claims) etc all
>>> separately in a project and hoped that all these objects would happily talk
>>> to each other. This examples starts with an `oc new-app` command that
>>> bundles all the pieces together. Could that be the thing I missed.
>>> Obviously, I'm not all clear on what an "app" means vs a "project"...
>>>
>>> On 15 Feb 2016, at 18:08, Ben Parees <bparees redhat com> wrote:
>>>
>>> Take a look at this sample ruby app which defines a mysql service and makes
>>> use of it (no route, just a service):
>>>
>>> https://github.com/openshift/ruby-hello-world
>>>
>>> the template to deploy it is here:
>>> https://github.com/openshift/origin/blob/master/examples/sample-app/application-template-stibuild.json
>>>
>>>
>>> On Mon, Feb 15, 2016 at 12:04 PM, Candide Kemmler <candide intrinsic world>
>>> wrote:
>>>>
>>>> I deployed a mysql service with the provided cartridge. It works and I can
>>>> connect to it  using the Terminal on the pod itself. However, it seems to be
>>>> inaccessible from other pods. I see that there is no route defined for it;
>>>> however I don't want to expose it to the outside world, only inside my
>>>> project.
>>>>
>>>> Also, AFAIK, mysql has its own settings on how it wants to allow outside
>>>> connections to it and I don't know what the defaults are...
>>>>
>>>> I have the same problems with a couchdb pod that I deployed in the same
>>>> project: perfectly running inside its own container but invisible from the
>>>> outside.
>>>>
>>>> Also, this documentation seems to indicate that there is a .cluster.local
>>>> domain available from within the cluster, but all attempts to ping my
>>>> services using the provided schemes are failing.
>>>>
>>>> This means I am only able to contact my services using my
>>>> custom-configured wildcard domain (*.apps.example.com) but outside of it,
>>>> nothing is working like I would expect.
>>>>
>>>>
>>>> _______________________________________________
>>>> users mailing list
>>>> users lists openshift redhat com
>>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>>>>
>>>
>>>
>>>
>>> --
>>> Ben Parees | OpenShift
>>>
>>>
>>>
>>> _______________________________________________
>>> users mailing list
>>> users lists openshift redhat com
>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>>>
>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]