Verifying connectivity to an endpoint

    To verify that cluster resources are reachable, a TCP connection is made to each of the following cluster API services:

    • Kubernetes API server service

    • Kubernetes API server endpoints

    • OpenShift API server service

    • OpenShift API server endpoints

    To verify that services and service endpoints are reachable on every node in the cluster, a TCP connection is made to each of the following targets:

    • Health check target service

    • Health check target endpoints

    The connectivity check controller orchestrates connection verification checks in your cluster. The results for the connection tests are stored in objects in the openshift-network-diagnostics namespace. Connection tests are performed every minute in parallel.

    The Cluster Network Operator (CNO) deploys several resources to the cluster to send and receive connectivity health checks:

    Health check source

    This program deploys in a single pod replica set managed by a Deployment object. The program consumes PodNetworkConnectivity objects and connects to the spec.targetEndpoint specified in each object.

    Health check target

    A pod deployed as part of a daemon set on every node in the cluster. The pod listens for inbound health checks. The presence of this pod on every node allows for the testing of connectivity to each node.

    The PodNetworkConnectivityCheck object fields are described in the following tables.

    The following table describes the fields for objects in the status.conditions array:

    The following table describes the fields for objects in the status.conditions array:

    The fields for a connection log entry are described in the following table. The object is used in the following fields:

    • status.successes[]

    • status.outages[].startLogs[]

    • status.outages[].endLogs[]

    As a cluster administrator, you can verify the connectivity of an endpoint, such as an API server, load balancer, service, or pod.

    Prerequisites

    • Install the OpenShift CLI (oc).

    • Access to the cluster as a user with the cluster-admin role.

    Procedure

    1. To list the current PodNetworkConnectivityCheck objects, enter the following command:

      Example output

    2. View the connection test logs:

      1. From the output of the previous command, identify the endpoint that you want to review the connectivity logs for.

      2. To view the object, enter the following command:

        where <name> specifies the name of the object.