The service proxy does not respond to ICMP, which is why you aren't seeing pings of the service IP work. The service IP is a virtual IP that the local host provides for abstraction if you have a normal service. If you have a "headless" service (with clusterIP: None) you'll actually get a DNS record that points to 1 A record per pod that the service fronts, and should be pingable, but you won't get load balancing (you'll have to implement that yourself).
On Mon, Feb 15, 2016 at 2:33 PM, Candide Kemmler <[email protected]> wrote: > That all makes sense. However I'm seeing a bit of weird behaviour that I'd > like to share: > > Here's from my couchdb container terminal (the only one that has the 'ping' > utility installed): > > # ping mysql > PING mysql.test-demo.svc.cluster.local (172.30.143.100): 56 data bytes > --- mysql.test-demo.svc.cluster.local ping statistics --- > 5 packets transmitted, 0 packets received, 100% packet loss > # ping mysql-test-demo.apps.example.world > PING mysql-test-demo.apps.example.world (167.114.241.106): 56 data bytes > 64 bytes from 167.114.241.106: icmp_seq=0 ttl=64 time=0.113 ms > 64 bytes from 167.114.241.106: icmp_seq=1 ttl=64 time=0.120 ms > --- mysql-test-demo.apps.example.world ping statistics --- > 2 packets transmitted, 2 packets received, 0% packet loss > round-trip min/avg/max/stddev = 0.113/0.116/0.120/0.000 ms > > i.e. if I ping mysql (the name of my db service), it looks like some dns > service will expand that to the full mysql.test-demo.svc.cluster.local URL > but that address won't be reached. The dns-mapped address, however, does work > as expected (ping succeeds)... What's probably wrong with my setup? How can I > start to debug it? > > Cheers, > > Candide > >> On 15 Feb 2016, at 20:02, Clayton Coleman <[email protected]> wrote: >> >> App means whatever you want it to mean. Project is a container for >> your stuff, app could be a single micro service, a two tier web app, a >> hundred services and DCs, etc. >> >> Everything in a project should be able to reach each other - however, >> app code still needs to do something to "reach" the others. That's >> what the local DNS provides (each service is accessible via it's name >> in each container, i.e. a service "db" is visible via "dig db" inside >> of the container) and you can hit any of the ports you want. >> >> On Mon, Feb 15, 2016 at 1:51 PM, Candide Kemmler >> <[email protected]> wrote: >>> Allright will do, thanks! One thing strikes me is that I have created >>> deployment/build configs, services, persistent volume (claims) etc all >>> separately in a project and hoped that all these objects would happily talk >>> to each other. This examples starts with an `oc new-app` command that >>> bundles all the pieces together. Could that be the thing I missed. >>> Obviously, I'm not all clear on what an "app" means vs a "project"... >>> >>> On 15 Feb 2016, at 18:08, Ben Parees <[email protected]> wrote: >>> >>> Take a look at this sample ruby app which defines a mysql service and makes >>> use of it (no route, just a service): >>> >>> https://github.com/openshift/ruby-hello-world >>> >>> the template to deploy it is here: >>> https://github.com/openshift/origin/blob/master/examples/sample-app/application-template-stibuild.json >>> >>> >>> On Mon, Feb 15, 2016 at 12:04 PM, Candide Kemmler <[email protected]> >>> wrote: >>>> >>>> I deployed a mysql service with the provided cartridge. It works and I can >>>> connect to it using the Terminal on the pod itself. However, it seems to >>>> be >>>> inaccessible from other pods. I see that there is no route defined for it; >>>> however I don't want to expose it to the outside world, only inside my >>>> project. >>>> >>>> Also, AFAIK, mysql has its own settings on how it wants to allow outside >>>> connections to it and I don't know what the defaults are... >>>> >>>> I have the same problems with a couchdb pod that I deployed in the same >>>> project: perfectly running inside its own container but invisible from the >>>> outside. >>>> >>>> Also, this documentation seems to indicate that there is a .cluster.local >>>> domain available from within the cluster, but all attempts to ping my >>>> services using the provided schemes are failing. >>>> >>>> This means I am only able to contact my services using my >>>> custom-configured wildcard domain (*.apps.example.com) but outside of it, >>>> nothing is working like I would expect. >>>> >>>> >>>> _______________________________________________ >>>> users mailing list >>>> [email protected] >>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >>>> >>> >>> >>> >>> -- >>> Ben Parees | OpenShift >>> >>> >>> >>> _______________________________________________ >>> users mailing list >>> [email protected] >>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >>> > _______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
