This might be very simple for lot of people but while working in IT industry, so many years sometime API development team stuck for this issue.
When we deploy our APIs on GKE and APIs calling external services which are located outside of GCP, we required to open firewall OR it might be already open. In this article i will provide step by step guide how to check firewall status from GKE container level.
Make sure you (user) have following roles configured OR you have service account which contains following permission
Permission: container.pods.exec
Following steps can be performed from GCP cloud shell or Terminal (for mac) or powershell (for windows)
run this command, “gcloud container clusters get-credentials {YOUR CLUSTER NAME} –region {REGION} –project {PROJECT_NAME}”
then “kubectl get pods” OR “kubectl get pods –all-namespaces”
This will list down all the pods running in your cluster with different namespaces.
Now the most important step is to pick the pod. Pod for which you need to run container shell
run this command, “kubectl exec –stdin –tty {POD_NAME} — /bin/bash” OR “kubectl exec –stdin –tty {POD_NAME} — /bin/sh”
there are multiple ways now as you are logged inside the container shell
If you have host name – “nc -vz www.cnbc.com {port (optional)}”
if you have IP address – ” telnet 10.17.34.98 5000″
you can also find out IP address of using nslookup.
Please feel free to add suggestion or comment to improve this post better……