A Kubernetes service defines a logical set of pods that can be accessed either from other pods in the cluster, or from outside of the cluster. Issues with services often directly impact users by causing APIs to be unavailable.

    Empty Service

    When a service is defined without a selector, or with a selector that does not match any pods, then there will not be any endpoints created for that service. This is an issue when that service is expected to actually send traffic to pods. Double-check the service configuration to make sure the selector is defined correctly, or manually create the endpoints for the service.


    Load Balancer Events


    Services with type LoadBalancer will often manage load balancer resources in your cloud provider (AWS, Azure, or GCP). Blue Matador detects when Kubernetes is unable to create, update, or delete your load balancer by watching the Kubernetes events API. The following cases will result in Blue Matador events:

    • Load balancer creation failed
    • Load balancer update failed
    • Load balancer deletion failed
    • Load balancer unavailable

    Many load balancer issues around creating, updating, and deleting the load balancer can be traced to a permissions issue with your cloud provider. Ensure that your Kubernetes nodes have the ability to create and modify load balancers in your cloud provider to avoid these issues. If your cloud provider provides Identity & Access Management (IAM) double-check the permissions that your nodes and pods have.

    Another common problem is that many cloud provider implementations for load balancers require at least one server to send traffic to for the load balancer. This can be an issue if the service is not able to target any pods, or if the load balancer is unable to health check any servers in your cluster. Check the endpoints registered with the service using kubectl describe service <service>, figure out which nodes those pods run on, and compare it to the servers registered to the load balancer in your cloud provider.