kubernetes: Error from server: Get //IPaddress:10250/containerLogs/default/l: dial tcp getsockopt: no route to host2 min read

When you are working on Kubernetes you may have noticed this error while you are checking the logs of the pod from the Kubernetes master

The command to check the pod logs, consider you have a pod that is running MySQL service.

Kubect logs -f <podname>

When I was trying to access the log of the pod I was received the below error, due to this I was not able to troubleshoot the issues which are there in the application. 

So the first step is to fix this issue. Below are the troubleshooting steps which I took to fix the issue.

Step 1: Check the port 10250 is listening in all worker nodes.

AS you know kubelet is the Service that runs in all the worker and master nodes of the kubernetes cluster which interacts with the various services and objects of the Kubernetes.

Port 10250 is associated with the kubelet service.

To check the port is listening use the below command for that.

netstat -tulnp|grep 10250

If the output response is positive we can confirm that the kubelet service is running on the particular node. Now we have to move on to the next step

Step 2: Check the port 10250 is listening from the Kubernetes master node.

To check the connectivity from the master server, you can use the telnet command

telnet workderIPaddress 10250

Ex: telnet 10250

If the output is not negative we can confirm that there is some network connectivity issue. I=

Step 3: check if you have any external firewall which needs to enable communication between the nodes.


External firewall routes the traffic


Any security groups which filters the traffic

Its always recommended to whitelist the Kubernetes ports across all the nodes of the cluster.

Step 4: Check the server firewall such as firewall

Once you completed all the above-mentioned steps and still facing the issue, the issue might be with the internal firewall which is running in the server.

In my case, I had firewalld running in the server which I was not using. So I went and disabled it

Service firewalld stop

Service firewalld disable

If you use firewalld you can use the below command to add an incoming traffic rule

firewall-cmd --add-port=[YOUR PORT]/tcp

Once you completed this step now check the connectivity again using the telnet command.

telnet IPaddress 10250

Now it should work,

After that, you can try to get the logs of the pod using the kubectl command.

Now you will be able to see the logs of the pod.

Cheers!!!! Happy learning

Prabhin Prabharkaran Administrator
DevOps Engineer

He is a Technical professional. He is a person who loves to share tricks and tips on the Internet. He Posts what he does!

follow me
We need your support!!
Other Amount:
Questions Answered
Articles Written
Overall Points

Prabhin Prabharkaran

He is Technical professional. He is a person who loves to share tricks and tips on the Internet. He Posts what he does!!

You may also like...

Leave a Reply