Fix Application is inaccessible externally

Scenario

The application runs on a virtual machine exercise3 and is intended to be accessible externally through https://exercise3-namespace-userx.{openshift_cluster_ingress_domain}, but it’s currently facing connectivity issues.

03 step2
The primary goal in this scenario is to investigate the cause of the issue by examining the OpenShift network components involved in accessing the application within the OpenShift cluster.

The steps to fix exercise3 are:

Console

  1. Login to OpenShift console using the assigned user account.

{openshift_console_url}

Username
userx
Password
{password}

  1. Go to Virtualization - VirtualMachines - Select the project for the assigned user account - look for VM called exercise3.

01 step2

  1. Go to Networking in the left menu and look for the route associated to this virtual machine. Route name is exercise3.

02 step3

  1. Access the route in a new browser tab and check if the application is available. The application is currently not serving requests at this endpoint. It may not have been started or is still starting

03 step2

  1. Go to the Services menu to get the exercise3 service details. Look for the IP address and target port and check it is set to 80.

04 step5

  1. Go to Workloads and then look for the pods. Select the pod called curlimage and access to its terminal.

05 step6

  1. Try to do curl from the pod to the service IP address and port (80)

curl 172.31.247.113:80

  1. The service should be accessible with message: Hello from exercise3, you are doing a great job!

06 step7

  1. Now, check the target port for the route. Go to Network and then Routes and check exercise3 route port is set to 8080.

07 step9

  1. Edit the route in the yaml and update the target port into 80.

  to:
    kind: Service
    name: exercise3
    weight: 100
  port:
    targetPort: 80

  1. Access the route URL again and now the application should be accessible.

Run grade to validate the exercise
lab grade exercise3

Command line (CLI)

  1. Login to Openshift server API using the assigned user account with oc command if not logged in.

OpenShift login command
{login_command}

  1. Go to the assigned namespace-userx

oc project namespace-userx

  1. Get the Virtual Machine pod IP address

PODIP=$(oc get pods -l kubevirt.io/domain=exercise3 \
-o jsonpath="{.items[*].status.podIP}" -n namespace-userx)

  1. Use the curlimage pod to test the Virtual Machine and verify that it’s working as expected

oc exec curlimage -- curl -s $PODIP
Hello from exercise3, you are doing a great job!

  1. Check the service details of exercise3 and get details for IP and Port

SVCIP=$(oc get svc exercise3 \
-o jsonpath="{.spec.clusterIP}" -n namespace-userx)

  1. Curl the IP and port from service in the curlimage pod

oc exec curlimage -- curl -s $SVCIP
Hello from exercise3, you are doing a great job!

  1. Try to access the route and verify that it’s not working

oc exec curlimage -- \
curl -s https://exercise3-namespace-userx.{openshift_cluster_ingress_domain}

  1. Check the route and verify that Wrong Endpoint Port (8080)

oc describe route exercise3

  1. Edit the route exercise3 and change targetPort from 8080 to 80

oc edit route exercise3

  1. or just use this patch

oc patch route exercise3 -p '{"spec":{"port":{"targetPort":80}}}'

  1. Test the application

The application is available on https://exercise3-namespace-userx.{openshift_cluster_ingress_domain}

or

oc exec curlimage -- curl -s \
https://exercise3-namespace-userx.{openshift_cluster_ingress_domain}

What you learned

In this exercise, you learned how to troubleshoot issues preventing external access to an application by examining all related network components in OpenShift. You tested the application within the virtual machine, verified the service, and checked the route. These steps help you to determine whether the issue is within OpenShift or an external system.