This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 73%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
I am new to Azure and Azure Kubernetes Service.
I faced an issue that my service already received external IP, however the external IP I unable to access from browser. I did further check but I have no clue that what going on for my AKS.
Here is my YAML file (I'm hide something for security purpose):
- apiVersion: apps/v1
kind: Deployment
metadata:
name: sample-app-pod
namespace: eccdemo-ns
spec:
replicas: 1
selector:
matchLabels:
app: sample-app
template:
metadata:
labels:
app: sample-app
spec:
nodeSelector:
kubernetes.io/os: windows
containers:
- name: server-container
image: <hidden>
env:
- name: MONGO_DB_URI
value: "<hidden>"
- name: SQLITE_PATH
value: "/data/sqlite.db"
volumeMounts:
- mountPath: /data
name: eccdemo-storage
- name: webui-container
image: <hidden>
ports:
- containerPort: 80
protocol: TCP
name: webui-port
volumeMounts:
- mountPath: /data
name: eccdemo-storage
volumes:
- name: eccdemo-storage
persistentVolumeClaim:
claimName: eccdemo-pvc
- apiVersion: v1
kind: Service
metadata:
name: webui-service
namespace: eccdemo-ns
spec:
selector:
app: sample-app
ports:
- protocol: TCP
name: eccdemo
port: 80
targetPort: webui-port
type: LoadBalancer
- apiVersion: v1
kind: PersistentVolume
metadata:
name: eccdemo-pv
namespace: eccdemo-ns
spec:
capacity:
storage: 5Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
storageClassName: eccdemo-storage
hostPath:
path: /mnt/data/eccdemo
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: eccdemo-pvc
namespace: eccdemo-ns
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 5Gi
storageClassName: eccdemo-storage
I also check the firewall and Network Security Group, Only NSG have one rule was deny and I not sure whether it cause the issue. Here is the Network Security Group setting:
Please guide me how to resolve it.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 35%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Hi Tan Boon Huan,
Thank you for reaching out to us on the Microsoft Q&A forum.
Could you please share the output of the following command
kubectl get services -n <Namespace>
Meanwhile, please verify the NSG and firewall rules for your application to check if anything is blocking access from outside the cluster.
Hi Srinud,
The NSG I already shared in the question, and I do not have any Azure Firewall setting setup in it. Also, my local machine's firewall setting was allowed all inbound and outbound.
Here is the Command result.
if I use curl command to call the external IP, it will show error "Could not connect to server".
I did try added network policies to allow all NSG's inbound and outbound but I still getting same error of "Could not connect to server". Please guide me to resolve it. Thanks
Hi Tan Boon Huan,
I just wanted to check if you had a chance to review comment. If you found it helpful, could you kindly click the “upvote” on my post.
If you have any further queries, please let us know in the comment.
Thank you.
Hi @Tan Boon Huan,
I just wanted to check if you had a chance to review comment. If you found it helpful, could you kindly click the “upvote” on my post.
If you have any further queries, please let us know in the comment.
Thank you.
Hi Tan Boon Huan,
Thank you for providing additional details and the service output.
I have tested in my lab by checking with nginx image by deployment and service manifest and it is working. Could you please recheck setup once again and try to deploy and let me know.
If the information is helpful, please consider by clicking the "Accept answer and Upvote" on the post.If you have any further queries, please let us know in the comment. We are glad to help you.