I'm attempting to expose a server on port 80 via kubernetes.
Start minikube :
minikube start
Create a deployment by running the command
"kubectl create deployment apache --image=httpd:2.4"
Create a service by running the command
"kubectl create service nodeport apache --tcp=80:80"
kubectl get svc
returns :
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
apache NodePort 10.105.48.77 <none> 80:31619/TCP 5s
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 43s
I've attempted to open 10.105.48.77 & 10.96.0.1 on port 80 but the service is not running.
How to start a simple http server on port 80 via kubernetes that will serve requests to that same port ?
NodePort has a range 30000-32767. Your log shows 31619 is assigned, you may try that. If you really want port 80 you will need other types of service, for example LoadBalancer. You can also use port-forward to forward you local port 80 to the apache pod.
Related
I'm struggling with kubernates configurations. What I want to get it's just to reach a deployment within the cluster. The cluster is on my dedicated server and I'm deploying it by using Kubeadm.
My nodes:
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 9d v1.19.3
k8s-worker1 Ready <none> 9d v1.19.3
I've a deployment running (nginx basic example)
$ kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 2/2 2 2 29m
I've created a service
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 9d
my-service ClusterIP 10.106.109.94 <none> 80/TCP 20m
The YAML file for my service is the following:
apiVersion: v1
kind: Service
metadata:
name: my-service
spec:
selector:
app: nginx-deployment
ports:
- protocol: TCP
port: 80
Now I should expect, if I run curl 10.106.109.94:80 on my k8s-master to get the http answer.. but what I got is:
curl: (7) Failed to connect to 10.106.109.94 port 80: Connection refused
I've tried with NodePort as well and with targetPort and nodePort but the result is the same.
The cluster ip can not be reachable from outside of your cluster that means you will not get any response from the host machine that host your k8s cluster as this ip is not a part of your machine or any other machine rather than its a cluster ip which is used by your cluster CNI network like flunnel,weave.
So to get your services accessible from the outside or atleast from the host machine you have to change the type of your service like NodePort,LoadBalancer,K8s port-forward.
If you can change the service type NodePort then you will get response with any of your host machine ip and the allocated nodeport.
For example,if your k8s-master is 192.168.x.x and nodePort is 33303 then you can get response by
curl http://192.168.x.x:33303
or
curl http://worker_node_ip:33303
if your cluster is in locally installed, then you can install metalLB to get the privilege of load balancer.
You can also use port-forward to get your service accessible from the host that has kubectl client with k8s cluster access.
kubectl port-forward svc/my-service 80:80
kubectl -n namespace port-forward svc/service_name Port:Port
I installed microk8s on my ubuntu machine based on steps here https://ubuntu.com/kubernetes/install#single-node
Then I followed kubernetes official tutorial and created and exposed a deployment like this
microk8s.kubectl create deployment kubernetes-bootcamp --image=gcr.io/google-samples/kubernetes-bootcamp:v1
microk8s.kubectl expose deployment/kubernetes-bootcamp --type=NodePort --port 8083
This is my kubectl get services output
akila#ubuntu:~$ microk8s.kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 25h
kubernetes-bootcamp NodePort 10.152.183.11 <none> 8083:31695/TCP 17s
This is my kubectl get pods output
akila#ubuntu:~$ microk8s.kubectl get pods
NAME READY STATUS RESTARTS AGE
kubernetes-bootcamp-6f6656d949-rllgt 1/1 Running 0 51m
But I can't access the service from my browser using http://localhost:8083 OR using http://10.152.183.11:31695
When I tried http://localhost:31695 I'm getting ERR_CONNECTION_REFUSED.
How can I access this "kubernetes-bootcamp" service from my browser ?
Am I mising anything ?
The IP 10.152.183.11 is CLUSTER-IP and not accessible from outside the cluster i.e from a browser. You should be using http://localhost:31695 where 31695 is the NodePort opened on the host system.
The container of the gcr.io/google-samples/kubernetes-bootcamp:v1 image need to listen on port 8083 because you are exposing it on that port. Double check that because otherwise this will lead to ERR_CONNECTION_REFUSED error.
If the container is listening on port 8080 then use below command to expose that port
microk8s.kubectl expose deployment/kubernetes-bootcamp --type=NodePort --port 8080
Try this
kubectl port-forward <pod_name> <local_port>:<pod_port>
then access http://localhost:<local_port>
I'm newer with kubernetes. I've installed minikube v1.5.2 in a virtualbox VM (ubuntu 19.10). I want to create a web server that I can access from the host and guest. However, I can't access it or expose an IP. Could you help me?
I've already enabled the ingress addons.
When I try list the ingress object there is no external IP and I recive this error message from ingress controller deployment:
2019/11/10 15:41:04 controller-haproxy.go:147 service does not exists
2019/11/10 15:41:09 controller.go:333: service does not exists
2019/11/10 15:41:09 controller-haproxy.go:147 service does not exists
2019/11/10 15:41:14 controller.go:333: service does not exists
2019/11/10 15:41:14 controller-haproxy.go:147 service does not exists
This is my code: https://pastebin.com/ysMPtyuV
Minikube introduced supporting of LoadBalancer via minikube tunnel.
When you are not using $ sudo minikube tunnel your LB service will be in pending state whole time.
You need to open another SSH window and run $ sudo minikube tunnel. You will receive output in one SSH like:
$ sudo minikube tunnel
Status:
machine: minikube
pid: 11549
route: 10.96.0.0/12 -> 10.132.15.208
minikube: Running
services: [haproxy-ingress]
errors:
minikube: no errors
router: no errors
loadbalancer emulator: no errors
In the second SSH you will be able to check that LB service obtain IP address.
minikube:~$ kubectl get svc -w
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
app ClusterIP 10.105.136.11 <none> 80/TCP 68s
haproxy-ingress LoadBalancer 10.111.24.111 <pending> 80:31187/TCP 68s
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11d
haproxy-ingress LoadBalancer 10.111.24.111 10.111.24.111 80:31187/TCP 80s
Please keep in mind that minikube tunnel session must be opened whole the time otherwise your LB will stop getting IP address.
You can check similar case with Kong using minikube LB.
Let me know if that helped you.
I have 3 virtual machines (ubuntu 18 lts) on my local pc: 1 is master and 2 are nodes. I was able to install kubernetes and also to setup my application.
My application consist of 3 parts: database, backend and frontend. For each of these parts I've created and deployed services. I want to expose the FE service outside the cluster to be able to access it from one of the nodes.
The service description looks like this:
apiVersion: v1
kind: Service
metadata:
name: fe-deployment
labels:
run: fe-srv
spec:
ports:
- protocol: TCP
port: 8085
targetPort: 80
selector:
app: fe
type: NodePort
The ouput of
kubectl get node -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
k8node1 Ready <none> 2d22h v1.16.0 172.17.199.105 <none> Ubuntu 18.04.3 LTS 5.0.0-29-generic docker://18.9.7
k8node2 Ready <none> 2d22h v1.16.0 172.17.199.110 <none> Ubuntu 18.04.3 LTS 5.0.0-29-generic docker://18.9.7
kubectl get service -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
be-deployment ClusterIP 10.96.169.225 <none> 8080/TCP 2d22h app=be
db-deployment ClusterIP 10.110.14.88 <none> 3306/TCP 2d22h app=db
fe-deployment NodePort 10.104.211.32 <none> 8085:32476/TCP 2d21h app=fe
I would have expected that using one node IP and the node port to be able to access my FE from browser, but it doesn't work.
What am I missing? How to access my FE from outside the cluster?
Edit
Based on the documentation, NodePort service type should:
Exposes the Service on each Node’s IP at a static port (the NodePort). A ClusterIP Service, to which the NodePort Service routes, is automatically created. You’ll be able to contact the NodePort Service, from outside the cluster, by requesting NodeIP:NodePort
I understand that I will access my service from outside of the cluster using node IP and static port. From the node IP statement I understand that it refers to the machine (the VM in my case) IP.
Later Edit
I've checked the firewall and it seems that is disable on all my machines:
sudo ufw status
Status: inactive
Later later edit
As I told in a comment, trying to telnet to IPv4 address didn't work. Trying with IPv6 does work on localhost and also using the ethernet interface IPv6 IP.
The netstat output is:
netstat -6 -a | grep 324
tcp6 1 0 [::]:32476 [::]:* LISTEN
Despite the fact that it should work (based on the information I read on internet) it doesn't work with IPv4. Is there a way to change this?
Later later later edit
It seems that this is a bug
You can assign EXTERNAL-IP for fe service as IP address if node.
Then you can check : curl -k http://EXTERNAL-IP:PORT
EXTERNAL-IP is Node of IP adress Server.
In your case, due to you didn't defined nodePort, kubernetes randomly assigned port 32476 to your service. To access that service go to <EXTERNAL-NODE-IP>:32476 (kubernetes-docs).
If you want to assign specific port, you need to define nodePort in service definition (example for ingress based on nginx):
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/name: ingress-nginx
name: ingress-nginx
spec:
ports:
- name: http
nodePort: 30080
port: 80
protocol: TCP
targetPort: 80
selector:
app.kubernetes.io/name: ingress-nginx
type: NodePort
You would not get an external IP when exposing service as a nodeport.
Exposing Service on a Nodeport means that your service would be available on externally via the NodeIP of any node in the cluster at a random port between 30000-32767(default behaviour) .
Each of the nodes in the cluster proxy that port (the same port number on every Node) into the pod where your service is launched.
From your kubectl get service -o wide output:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
fe-deployment NodePort 10.104.211.32 <none> 8085:32476/TCP 2d21h app=fe
We can find that port on which your service is exposed is port 32476.
From Your kubectl get node -o wide output:
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
k8node1 Ready <none> 2d22h v1.16.0 172.17.199.105 <none> Ubuntu 18.04.3 LTS 5.0.0-29-generic docker://18.9.7
k8node2 Ready <none> 2d22h v1.16.0 172.17.199.110 <none> Ubuntu 18.04.3 LTS 5.0.0-29-generic docker://18.9.7
We can find that your node ips are: 172.17.199.105 and 172.17.199.110
You can now access your service externally using <Node-IP>:<Node-Port>.
So in Your case these are 172.17.199.105:32476 and 172.17.199.110:32476 depending on which node you want to access Your service.
Additionally, if you want a fixed Node port, you can specify that in the yaml.
You need to make sure you add a security rule on your nodes to allow traffic on the particular port.
Service showing pending status after exposing the deployment.
packet#ubuntu:/home/gss$ kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 22h
wms1 LoadBalancer 10.106.19.103 <pending> 8000:32461/TCP 17h
Installed kubeadm with one master and 4 worker nodes.
created deployment with the command:
sudo docker run -p 8000:8000 w1
here w1 is my image name.
created service with the command:
kubectl expose deployment wms1 --type=LoadBalancer --port=8000
To retrieve external ip for your application in Kubernetes Cluster you have to use cloud provider like Google Kubernetes Engine or Amazon Web Services.
Please check:
https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#external-load-balancer-providers
Otherwise you can use Type NodePort and in that case Kubernetes master will allocate a port from a range specified by --service-node-port-range flag (default: 30000-32767), and each Node will proxy that port (the same port number on every Node) into your Service.
For detailed information: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport
In a second terminal, run the command:
minikube tunnel
restart your service and you should see the EXTERNAL-IP populated