K8s service (LoadBalancer) only accessible from within cluster

I have a service endpoint in a k8s cluster, that is exposing 80 and 443 ports.

In the k8s dashboard, it indicates that these are the external endpoints:

(the k8s has been deployed using rancher and the service is of type LoadBalancer)


Here comes the weird (?) part:

From a busybox pod spawned within the cluster:

wget <some_rancher_agent_public_ip>:80
wget <some_rancher_agent_public_ip>:443

both succeed (i.e they fetch the index.html file)

From outside the cluster:

Connecting to <some_rancher_agent_public_ip>:80... connected.
HTTP request sent, awaiting response... 

2018-01-05 17:42:51 ERROR 502: Bad Gateway.

I am assuming this is not a security groups issue given that:

  • it does connect to <some_rancher_agent_public_ip>:80
  • I have also tested this by allowing all traffic from all sources in the sg the instance with <some_rancher_agent_public_ip> belongs to

Any suggestions?