google-compute-engine,kubernetes,google-kubernetes-engine"/>
  • 7
name

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191

Backtrace:

File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

Using Google Container Engine (GKE) with Container Optimized Images the external interfaces (ephemeral IPs) seem to be listening on ports 110, 143, 993, 995, etc. as demonstrated via a port scan with nmap:

Nmap scan report for 236.185.xxx.xx.bc.googleusercontent.com (xx.xx.185.236)
Host is up (0.0025s latency).
Not shown: 65529 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
110/tcp  open   pop3
143/tcp  open   imap
993/tcp  open   imaps
995/tcp  open   pop3s
3389/tcp closed ms-wbt-server

I can connect via telnet but ports provide no response:

$telnet 35.192.xxx.xxx 993
Trying 35.192.xxx.xxx...
Connected to xxx.xxx.192.35.bc.googleusercontent.com.
Escape character is '^]'.
USER FOO
Connection closed by foreign host.

Finally, if you ssh to a node instance, there's no evidence of anything listening on ports 110, 143, 993, or 995.

Hoping to shed a light on this mystery!

I ran an nmap scan on a VM instance with an IP address of one of my nodes and I got the following results:

Starting Nmap 7.40 ( https://nmap.org ) at 2018-06-14 19:44 UTC
Nmap scan report for 70.133.xxx.xxx.bc.googleusercontent.com (35.224.133.70)
Host is up (0.0018s latency).
Not shown: 998 filtered ports
PORT    STATE  SERVICE
80/tcp  closed http
443/tcp closed https

Nmap done: 1 IP address (1 host up) scanned in 4.86 seconds

However, when I ran a nmap scan using an online tool, I got the following:

Starting Nmap 7.01 ( https://nmap.org ) at 2018-06-14 19:46 UTC
Nmap scan report for 70.133.xxx.xxx.bc.googleusercontent.com (35.224.133.70)
Host is up (0.030s latency).
PORT     STATE    SERVICE       VERSION
21/tcp   filtered ftp
22/tcp   filtered ssh
23/tcp   filtered telnet
80/tcp   closed   http
110/tcp  filtered pop3
143/tcp  filtered imap
443/tcp  closed   https
3389/tcp filtered ms-wbt-server

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1.98 seconds

I checked my Firewall rules to make sure that none of the ports other than 80 and 443 are allowed, and they were the only ones open.

To confirm that the ports such as ftp, pop3, and imap are not open, I ran a telnet and I got the following results:

telnet 35.224.133.70 993
Trying 35.224.133.70...
telnet: Unable to connect to remote host: Connection timed out

The ports you mentioned should not be open. As I have ran nmap on different nodes from different cluster, I am not experiencing the same behavior. This issue seems to be specific to your Project. I would recommend creating a private issue on our public issue tracker. You can create it here.

  • 0
Reply Report

Warm tip !!!

This article is reproduced from Stack Exchange / Stack Overflow, please click

Trending Tags