L4 load balancer service not accepting connections
Problem
Connections from within the cluster to the load balancer that exposes the service fail.
Environment
- Google Kubernetes Engine private cluster
- Cloud NAT
- Service exposed with external Network Load Balancer and configured to allow access only from Cloud NAT IP
Solution
- Add the pod IP range to spec.loadBalancerSourceRanges in the service definition.
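A Service manifest with this change applied, as an added example that is not from the original page. The Service name, selector, ports and both CIDRs are constructed placeholders; substitute the cluster's actual Cloud NAT address and pod IP range.

```yaml
# Added example: all names and addresses below are constructed placeholders.
#
# Before the fix, loadBalancerSourceRanges held only the Cloud NAT address:
#
#   loadBalancerSourceRanges:
#     - 203.0.113.10/32
#
# Pods connecting to the load balancer IP were therefore not in an allowed range.
#
# One way to look up the pod range of a cluster (CLUSTER_NAME and REGION are placeholders):
#   gcloud container clusters describe CLUSTER_NAME --region REGION \
#     --format="value(clusterIpv4Cidr)"
apiVersion: v1
kind: Service
metadata:
  name: example-service          # hypothetical name
spec:
  type: LoadBalancer
  selector:
    app: example-app             # hypothetical selector
  ports:
    - name: https
      protocol: TCP
      port: 443
      targetPort: 8443
  loadBalancerSourceRanges:
    - 203.0.113.10/32            # Cloud NAT IP (constructed), the existing entry
    - 10.8.0.0/14                # pod IP range (constructed), added so in-cluster clients are allowed
```

Keep the added entry limited to the cluster's own pod range so the allowlist does not widen beyond what the fix needs.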
Cause
All the cluster nodes are added as backends to the external Network Load Balancer. So when a pod communicates with the load balancer IP, the traffic does not go through Cloud NAT even though the destination is a public IP. It is routed by the node instead. Review the Three-tier web service with global access example for more information about how Google programs backends to respond to L4 load balancers.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License.
Last updated 2024-12-10 UTC.