
I am trying to expose a UDP service (tftp) through a k3s nodePort but can't seem to connect. The TCP service works fine, but the UDP service doesn't seem to be exposed.

The deployment lists the ports:

...
ports:
  - containerPort: 3000
  - containerPort: 69
    protocol: UDP

and here is the service definition:

apiVersion: v1
kind: Service
metadata:
  name: netboot-nodeports
spec:
  selector:
    app: netboot
  type: NodePort
  ports:
    - name: tftp
      port: 69
      targetPort: 69
      nodePort: 32069
      protocol: UDP
    - name: webui
      port: 3000
      targetPort: 3000
      nodePort: 32070

Connecting to the TCP port from the node or another machine on the network (i.e., curl http://192.168.1.154:32070) works as expected. I can connect to the tftp UDP service from inside the container (i.e., kubectl exec -it netboot-64565b9c69-bmvs4n -- tftp localhost 69), but connecting from the node or another machine on the network (i.e., tftp 192.168.1.154 32069) fails with a timeout error.

This is all running in k3s on NixOS on a single node. There is no firewall running (configuration.nix: networking.firewall.enable = false;). I didn't see any relevant errors in the k3s logs. The nix k3s config is really minimal:

services.k3s.enable = true;
services.k3s.role = "server";
services.k3s.extraFlags = toString [];

1 Answer


There may be some reasons why UDP is not exposed in your k3s nodePort:

  1. It might be the Flannel configuration, which is the default CNI and uses an overlay network. If Flannel is misconfigured, it could affect the UDP routing overlay. For troubleshooting, you can check the Flannel pod logs for any errors related to UDP traffic routing.

  2. It may be that the k3s services use the ClusterIP type, which makes them visible only inside the cluster. You can try to set the service definition to type: NodePort.

Dion V
  • 171
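
A probe for the timeout described in the question, as an added example that is not part of the original post or answer: it sends one TFTP read request to the nodePort and reports whether any reply arrives and from which UDP address. The file name `probe.txt` and the function names are assumptions; the node address and port are the ones given in the question.

```python
import socket
import struct

# RFC 1350 opcodes used here
OP_RRQ, OP_DATA, OP_ERROR = 1, 3, 5

def build_rrq(filename, mode="octet"):
    """RFC 1350 read request: opcode 1, filename, NUL, mode, NUL."""
    return struct.pack("!H", OP_RRQ) + filename.encode() + b"\0" + mode.encode() + b"\0"

def parse_reply(packet):
    """Classify a reply as ('data', block, payload) or ('error', code, message)."""
    if len(packet) < 4:
        return ("malformed", None, packet)
    opcode, value = struct.unpack("!HH", packet[:4])
    if opcode == OP_DATA:
        return ("data", value, packet[4:])
    if opcode == OP_ERROR:
        return ("error", value, packet[4:].rstrip(b"\0").decode(errors="replace"))
    return ("unexpected", opcode, packet[4:])

def probe(host, port, filename="probe.txt", timeout=3.0):
    """Send one RRQ and report what came back and from which address."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_rrq(filename), (host, port))
        try:
            # Unconnected socket on purpose: RFC 1350 servers answer from a
            # newly chosen port (the transfer ID), not the port we sent to.
            packet, source = sock.recvfrom(2048)
        except socket.timeout:
            return {"reply": None, "source": None}
    return {"reply": parse_reply(packet), "source": source}

if __name__ == "__main__":
    # probe.txt is a hypothetical file name; an ERROR reply ("file not found")
    # still shows that UDP reaches the pod and a reply reaches the client.
    print(probe("192.168.1.154", 32069))
```

A result of `{"reply": None, "source": None}` reproduces the timeout; running the same probe against port 69 from inside the pod gives a baseline to compare against.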