How to check connectivity from NGINX ingress controllers to all backend pods
This document (000020011) is provided subject to the disclaimer at the end of this document.
Situation
Need to check if NGINX controllers actually have network access to the backend pods to verify the overlay network is working and to check the overall cluster network configuration.
Resolution
This script is designed to walk through all the ingress controllers[1] in a cluster and test that it can curl the backend pods from the NGINX pods.
Pre-requisites
- kubectl access to the cluster
Run script
curl https://raw.githubusercontent.com/rancherlabs/support-tools/master/NGINX-to-pods-check/check.sh | bash
Example output
Broken pod
bash ./check.sh -F Table
####################################################
Pod: webserver-bad-85cf9ccdf8-8v4mh
PodIP: 10.42.0.252
Port: 80
Endpoint: ingress-1d8af467b8b7c9682fda18c8d5053db7
Ingress: test-bad
Ingress Pod: nginx-ingress-controller-b2s2d
Node: a1ubphylbp01
Status: Fail!
####################################################
bash ./check.sh -F Inline
Checking Pod webserver-bad-8v4mh PodIP 10.42.0.252 on Port 80 in endpoint ingress-bad for ingress test-bad from nginx-ingress-controller-b2s2d on node a1ubphylbp01 NOK
Working pod
bash ./check.sh -F Table
####################################################
Pod: webserver-bad-85cf9ccdf8-8v4mh
PodIP: 10.42.0.252
Port: 80
Endpoint: ingress-1d8af467b8b7c9682fda18c8d5053db7
Ingress: test-bad
Ingress Pod: nginx-ingress-controller-b2s2d
Node: a1ubphylbp01
Status: Pass!
####################################################
bash ./check.sh -F Inline
Checking Pod webserver-good-65644cffd4-gbpkj PodIP 10.42.0.251 on Port 80 in endpoint ingress-good for ingress test-good from nginx-ingress-controller-b2s2d on node a1ubphylbp01 OK
Testing
The following commands will deploy two workloads and ingresses. One that is working with a web server that is responding on port 80. And the other will have the webserver disabled, so it will fail to connect.
kubectl apply -f https://raw.githubusercontent.com/rancherlabs/support-tools/master/NGINX-to-pods-check/example-deployment.yml
Additional Information
[1] An Ingress Controller is the load balancing pod which enforces the routing rules outlined in an `Ingress` resource
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.