[StackOverflow/kubernetes] Can't connect to Kubernetes API from any other host

### ROOT CAUSE The issue arises because the Kubernetes API server is not bound to the external IP address, restricting external connections. The `--bind-address` parameter in the kube-apiserver configuration defaults to `127.0.0.1`, limiting access to the local host. Additionally, the external IP might not be correctly advertised. ### CODE FIX 1. **Update `kube-apiserver` Configuration**: - Edit the `kube-apiserver` manifest file (typically in `/etc/kubernetes/manifests/kube-apiserver.yaml`). - Add or modify the `--bind-address` and `--advertise-address` flags: ```yaml spec: containers: - command: - kube-apiserver ... - --bind-address=0.0.0.0 - --advertise-address= ``` Replace `` with the actual external IP of the master node. 2. **Check Firewall Rules**: - Ensure the firewall allows inbound traffic on the API server port (default: 6443). For example, on a Linux system: ```bash sudo firewall-cmd --permanent --add-port=6443/tcp sudo firewall-cmd --reload ``` 3. **Verify kubelet Configuration**: - Confirm the `--advertise-address` in the kubelet configuration matches the external IP (if not managed via manifests). 4. **Restart Services**: - After updating the configuration, restart the kubelet and kube-apiserver: ```bash sudo systemctl restart kubelet ``` 5. **Test Connectivity**: - Use `curl -k https://:6443` from another host to verify the connection. This solution ensures the API server listens on all interfaces and advertises the correct external IP, enabling connections from other hosts.