実現したいこと

こんにちは！
現在Golangで構成されたプログラム＋envoyの2つのコンテナを持つkubernetesのnodeをminikubeにて作成中です。

  Warning  BackOff    3m1s (x3 over 3m14s)   kubelet            Back-off restarting failed container sample-envoy in pod sample-7548d8d5cb-fgk5s_default(04698280-7a4c-4234-84ab-fdb396a3aa25)
  Warning  Unhealthy  2m59s (x10 over 3m6s)  kubelet            Readiness probe failed: Get "http://10.244.0.31:9002/": dial tcp 10.244.0.31:9002: connect: connection refused

上記エラーを解消し、疎通確認を行いたいです。

該当のソースコード

yaml
1# deployment.yaml
2apiVersion: apps/v1
3kind: Deployment
4metadata:
5  name: sample
6  labels:
7    app: sample
8spec:
9  replicas: 1
10  selector:
11    matchLabels:
12      app: sample
13  template:
14    metadata:
15      labels:
16        app: sample
17    spec:
18      containers:
19      - name: sample
20        image: shimo0108/gcp-ops:latest
21        imagePullPolicy: IfNotPresent
22        ports:
23          - containerPort: 8080
24        livenessProbe:
25          initialDelaySeconds: 5
26          periodSeconds: 5
27          tcpSocket:
28            port: 8080
29        readinessProbe:
30          failureThreshold: 1
31          httpGet:
32            path: /
33            port: 9002
34            scheme: HTTP
35          initialDelaySeconds: 10
36          periodSeconds: 1
37          successThreshold: 1
38          timeoutSeconds: 1
39        resources:
40          {}
41      - name: sample-envoy
42        args:
43        - -c
44        - /usr/local/conf/envoy-config.yaml
45        command:
46        - envoy
47        env:
48        - name: POD_NAME
49          valueFrom:
50            fieldRef:
51              apiVersion: v1
52              fieldPath: metadata.name
53        image: envoyproxy/envoy-alpine:v1.21.1
54        imagePullPolicy: IfNotPresent
55        lifecycle:
56          preStop:
57            exec:
58              command:
59              - sh
60              - -c
61              - wget --post-data='' http://127.0.0.1:9004/healthcheck/fail; sleep
62                40
63        ports:
64        - containerPort: 9002
65          name: service
66          protocol: TCP
67        - containerPort: 9004
68          name: admin
69          protocol: TCP
70        resources: {}
71        terminationMessagePath: /dev/termination-log
72        terminationMessagePolicy: File
73        volumeMounts:
74        - mountPath: /usr/local/conf
75          name: envoy-config
76          readOnly: true
77      volumes:
78      - configMap:
79          defaultMode: 420
80          name: sample-envoy-config
81        name: envoy-config

yaml
1# configmap.yaml
2apiVersion: v1
3kind: ConfigMap
4metadata:
5  name: sample-envoy-config
6data:
7  envoy-config.yaml: |
8    admin:
9      access_log:
10      - name: envoy.access_loggers.file
11        typed_config:
12          "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
13          path: /dev/null
14      address:
15        socket_address:
16          address: 0.0.0.0
17          port_value: 9004
18    cluster_manager:
19      outlier_detection:
20        event_log_path: /dev/stdout
21    static_resources:
22      clusters:
23      - name: sample
24        type: strict_dns
25        connect_timeout: 0.25s
26        health_checks:
27        - http_health_check:
28            path: "/"
29          healthy_threshold: 1
30          interval: 1s
31          interval_jitter: 1s
32          no_traffic_interval: 2s
33          timeout: 1s
34          unhealthy_threshold: 2
35          event_log_path: /dev/stdout
36          always_log_health_check_failures: true
37        load_assignment:
38          cluster_name: sample
39          endpoints:
40          - lb_endpoints:
41            - endpoint:
42                address:
43                  socket_address:
44                    address: 127.0.0.1
45                    port_value: 8080
46        lb_policy: round_robin
47        dns_lookup_family: v4_only
48        ignore_health_on_host_removal: true
49        circuit_breakers:
50          thresholds:
51          - priority: DEFAULT
52            max_connections: 2048
53            max_pending_requests: 6144
54            max_requests: 6144
55            max_retries: 3
56      listeners:
57      - name: ingress
58        address:
59          socket_address:
60            address: 0.0.0.0
61            port_value: 9002
62        filter_chains:
63        - filters:
64          - name: envoy.http_connection_manager
65            typed_config:
66              "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
67              access_log:
68              - name: envoy.file_access_log
69                typed_config:
70                  "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
71                  path: /dev/stdout
72                  log_format:
73                    json_format:
74                      severity: "INFO"
75                      message: "Envoy access log"
76                      kind: "accesslog"
77                      eventTime: "%START_TIME(%s.%6f)%"
78                      ip: "%REQ(X-FORWARDED-FOR)%"
79                      method: "%REQ(:METHOD)%"
80                      path: "%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%"
81                      receivedBodySize: "%BYTES_RECEIVED%"
82                      sentBodySize: "%BYTES_SENT%"
83                      status: "%RESPONSE_CODE%"
84                      duration: "%DURATION%"
85                      responseDuration: "%RESPONSE_DURATION%"
86                      agent: "%REQ(USER-AGENT)%"
87                filter:
88                  not_health_check_filter: {}
89              codec_type: auto
90              stat_prefix: ingress_http
91              http_filters:
92              - name: envoy.filters.http.cors
93              - name: envoy.filters.http.health_check
94                typed_config:
95                  "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck
96                  pass_through_mode: false
97                  cluster_min_healthy_percentages:
98                    sample:
99                      value: 100
100                  headers:
101                  - name: ":path"
102                    string_match:
103                      exact: /
104              - name: envoy.filters.http.compressor
105                typed_config:
106                  "@type": type.googleapis.com/envoy.extensions.filters.http.compressor.v3.Compressor
107                  response_direction_config:
108                    common_config:
109                      content_type:
110                      - application/json
111                      - application/protobuf
112                    disable_on_etag_header: true
113                  compressor_library:
114                    name: for_response
115                    typed_config:
116                      "@type": type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip
117                      compression_level: DEFAULT_COMPRESSION
118                      compression_strategy: DEFAULT_STRATEGY
119              - name: envoy.filters.http.router
120                typed_config: {}
121              route_config:
122                virtual_hosts:
123                - name: ingress_services
124                  domains:
125                  - '*'
126                  cors:
127                    allow_origin_string_match:
128                    - exact: "http://localhost:8080"
129                    allow_headers: "Accept, Accept-Encoding, Content-Type, X-API-Key, X-Request-ETag, Authorization, If-Modified-Since, If-None-Match, X-Requested-With, X-WT-Signature"
130                    allow_methods: "GET, POST, DELETE, PATCH, PUT"
131                    max_age: "604800"
132                    allow_credentials: true
133                  routes:
134                  - route:
135                      cluster: sample
136                      retry_policy:
137                        retry_on: 5xx
138                        num_retries: 2
139                        host_selection_retry_max_attempts: 2
140                    match:
141                      prefix: /
142                      headers:
143                      - name: ":method"
144                        string_match:
145                          exact: "OPTIONS"
146                  - match:
147                      prefix: /
148                    route:
149                      timeout: 200s
150                      retry_policy:
151                        retry_on: 5xx
152                        num_retries: 2
153                        host_selection_retry_max_attempts: 2
154                response_headers_to_add:
155                - header:
156                    key: X-Content-Type-Options
157                    value: nosniff
158                  append: false
159                - header:
160                    key: X-XSS-Protection
161                    value: "1; mode=block"
162                  append: false
163

yaml
1# service.yaml
2kind: Service
3apiVersion: v1
4metadata:
5  name: sample
6  labels:
7    app: sample
8spec:
9  type: NodePort
10  selector:
11    app: sample
12  ports:
13    - name: service
14      port: 8080
15      targetPort: 9002
16      protocol: TCP
17    - name: admin
18      port: 9004
19      protocol: TCP

go
1package main
2
3import (
4	"fmt"
5	"net/http"
6)
7
8func handler(writer http.ResponseWriter, request *http.Request) {
9	fmt.Fprintf(writer, "success")
10}
11
12func main() {
13	http.HandleFunc("/", handler)
14	http.ListenAndServe(":8080", nil)
15}

試したこと

golang用のDockerfileは問題なくbuildできている。
envoyのdocker imageも問題なさそう。
純粋にネットワークの問題だけだと思っているのですが具体的な原因が判明できず苦戦しています。
どんな些細なことでもいいのでご指摘いただけると嬉しいです。

補足情報（FW/ツールのバージョンなど）

ここにより詳細な情報を記載してください。