Skip to content

Instantly share code, notes, and snippets.

@bprashanth

bprashanth/l7_debug.md

Last active March 23, 2016 23:18
Show Gist options
  • Save bprashanth/b9f68dbfd1e95deddf50 to your computer and use it in GitHub Desktop.
Save bprashanth/b9f68dbfd1e95deddf50 to your computer and use it in GitHub Desktop.
Download ZIP
L7 debug
Raw
l7_debug.md

What's the restart count on the pod?
what's the output of

$ kubectl logs --namespace=kube-system exec l7-lb-controller-v0.5.2-apv4a -c l7-lb-controller

If it's restarting, can you please try:

$ kubectl --namespace=kube-system exec l7-lb-controller-v0.5.2-apv4a -c l7-lb-controller -- curl --silent localhost:8080/healthz
It should return a 200 and the string "ok".

If it doesn't, can you try:

kubectl --namespace=kube-system exec l7-lb-controller-v0.5.2-apv4a -c l7-lb-controller -- curl --silent http://metadata.google.internal/computeMetadata/v1/ -H 'Metadata-Flavor: Google'

And if that doesn't work, can you give me:

kubectl --namespace=kube-system exec l7-lb-controller-v0.5.2-0ldk1 -c l7-lb-controller -- cat /etc/resolv.conf

You should see the ip of your DNS service in there (kubectl --namespace=kube-system get svc kube-dns). If it's there, and the nslookup/curl fails, can you exec into the kube-dns pod and try resolving the metadata service?

kubectl exec -it kube-dns-pod-name -c skydns -- nslookup metadata.google.internal

Your nodes need compute/rw scope, you can check this with:

$  gcloud container clusters describe foo
...
  oauthScopes:
  - https://www.googleapis.com/auth/compute

You should also be able to ssh into a node and try:

node $ gcloud compute backend-services list
@jerryjj
Copy link

jerryjj commented Mar 23, 2016

Hi,
Here are my results:

kubectl --context=gke_jerry-gde-1_europe-west1-c_ssltest --namespace=kube-system logs l7-lb-controller-v0.6.0-ab1fi l7-lb-controller

I0323 23:05:55.911019       1 main.go:159] Starting GLBC image: glbc:0.6.0
I0323 23:05:56.953522       1 gce.go:245] Using existing Token Source &oauth2.reuseTokenSource{new:google.computeSource{account:""}, mu:sync.Mutex{state:0, sema:0x0}, t:(*oauth2.Token)(nil)}
I0323 23:05:56.953849       1 controller.go:190] Starting loadbalancer controller
I0323 23:06:55.707774       1 main.go:133] Received SIGTERM, shutting down
I0323 23:06:55.707820       1 controller.go:210] Shutting down controller queues.
I0323 23:06:55.707923       1 main.go:141] Exiting with 0

kubectl --context=gke_jerry-gde-1_europe-west1-c_ssltest --namespace=kube-system exec l7-lb-controller-v0.6.0-ab1fi -c l7-lb-controller -- curl --silent localhost:8080/healthz

ok

kubectl --context=gke_jerry-gde-1_europe-west1-c_ssltest --namespace=kube-system exec l7-lb-controller-v0.6.0-ab1fi -c l7-lb-controller -- cat /etc/resolv.conf

search kube-system.svc.cluster.local svc.cluster.local cluster.local c.jerry-gde-1.internal. google.internal.
nameserver 10.223.240.10
options ndots:5

kubectl --context=gke_jerry-gde-1_europe-west1-c_ssltest --namespace=kube-system get svc kube-dns

kube-dns   10.223.240.10

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment