I am using minikube on Windows 10 with docker driver.
I installed dvwa-web by following this guide: https://github.com/cytopia/docker-dvwa/tree/master/k8s
Got it installed, and this is the output:
kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dvwa-mysql-service ClusterIP 10.104.172.238 <none> 3306/TCP 69s
dvwa-web-service LoadBalancer 10.106.62.70 192.168.49.20 8081:30789/TCP 69s
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 7m41s
The tutorial says I can access it through: http://192.168.49.20:8081
However, I could not when I tried.
when I issue command minikube service dvwa-web-service --url , I get this:
http://127.0.0.1:14176
and I can access it.
What is the problem? why I cannot access the app through EXTERNAL-IP?
Thanks.
Related
I have deployed pihole on my k3s cluster using this helm chart https://github.com/MoJo2600/pihole-kubernetes.
(I used this tutorial)
I now have my services but they dont have external IPs:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
pihole-web ClusterIP 10.43.58.197 <none> 80/TCP,443/TCP 11h
pihole-dns-udp NodePort 10.43.248.252 <none> 53:30451/UDP 11h
pihole-dns-tcp NodePort 10.43.248.144 <none> 53:32260/TCP 11h
pihole-dhcp NodePort 10.43.96.49 <none> 67:30979/UDP 11h
I have tried to assing the IPs manually with this command:
kubectl patch svc pihole-dns-tcp -p '{"spec":{"externalIPs":["192.168.178.210"]}}'
But when executing the command i'm getting this error:
Error from server (NotFound): services "pihole-dns-tcp" not found
Any Ideas for a fix?
Thank you in advance :)
Looks Like "pihole-dns-tcp" is in a different namespace to the namespace where patch command is being ran.
As per the article you have shared , it seems like service pihole-dns-tcp is in pihole . So the command should be
kubectl patch svc pihole-dns-tcp -n pihole -p '{"spec":{"externalIPs":["192.168.178.210"]}}'
I deployed a (LoadBalancer) service for a pod on my minikube cluster, then exposed it via minikube service [my_service] command. Now I tried to "turn off the exposure" but couldn't find any way to do this, except deleting it what I would like to avoid. Is it possible to just turn off the exposure, not deleting (and redeploying) the existing already exposed service?
Background
In Kubernetes documentation regarding ServiceTypes, you can find information that if you want to expose your cluster outside you have to use NodePort or LoadBalancer.
If you want to keep your service/application in cluster, you should use ClusterIP:
Exposes the Service on a cluster-internal IP. Choosing this value makes the Service only reachable from within the cluster. This is the default ServiceType.
Depends on your version, you can edit it or use workaround. For example in K8s 1.16 you won't be able as some errors might occurs.
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.8.0.1 <none> 443/TCP 3d20h
my-nginx LoadBalancer 10.8.14.224 34.121.77.108 80:32039/TCP 3m16s
$ kubectl patch service my-nginx -p '{"spec":{"type":"ClusterIP"}}'
The Service "my-nginx" is invalid: spec.ports[0].nodePort: Forbidden: may not be used when `type` is 'ClusterIP'
Solutions
However as you are using Minikube so I guess you are using newer version (1.20), so you can change it using:
kubectl edit
kubectl edit svc <yourSvcName> and change type to ClusterIP.
It will open Vi editor, where you can change spec.type to ClusterIP or just remove it as default type for Kubernetes service is ClusterIP so if it won't be specified, Kubernetes will automatically use ClusterIP.
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 25s
my-nginx LoadBalancer 10.107.129.201 <pending> 80:30173/TCP 8s
minikube-new:~$ kubectl edit svc my-nginx
service/my-nginx edited
sekreta#minikube-new:~$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 46s
my-nginx ClusterIP 10.107.129.201 <none> 80/TCP 29s
kubectl patch
$ kubectl patch service <yourServiceName> -p '{"spec":{"type":"ClusterIP"}}'
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 10m
my-nginx LoadBalancer 10.107.129.201 <pending> 80:30456/TCP 2m
minikube-new:~$ kubectl patch service my-nginx -p '{"spec":{"type":"ClusterIP"}}'
service/my-nginx patched
minikube-new:~$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 10m
my-nginx ClusterIP 10.107.129.201 <none> 80/TCP 3m
kubectl apply
You can edit your Yaml and remove spec.type or have 2 Yamls with ClusterIP and LoadBalancer and switch them depends on your needs.
$ kubectl apply -f svc.yaml
service/my-nginx configured
minikube-new:~$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 22m
my-nginx ClusterIP 10.111.237.133 <none> 80/TCP 16s
Use some 3rd party software to make changes in your cluster like Helm and using templates.
How to get a full FQDN of the service inside Kubernetes?
➜ k get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
airflow-flower-service ClusterIP 172.20.119.107 <none> 5555/TCP 20d app=edna-airflow
airflow-service ClusterIP 172.20.76.63 <none> 80/TCP 20d app=edna-airflow
backend-service ClusterIP 172.20.39.154 <none> 80/TCP 20d app=edna-backend
so how to query internal Kubernetes DNS to get the FQDN of the backend-service for example?
Go inside any pod in the same namespace with kubectl exec -ti <your pod> bash and then run nslookup <your service> which will typically be, unless you change some configurations in the cluster to: yourservice.yournamespace.svc.cluster.local
I have expose my deployment to the specific nodeport, if I want to connect to this deployment in cluster, how can I find the ip address of nodeport?
You access NodePort service with <node-ip>:<node-port>.
1. Check Node IP
To check node-ip, you can execute the following command:
$ kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
gke-rafal-test-cluster-default-pool-ef8193e3-1450 Ready <none> 6m47s v1.13.11-gke.23 192.168.1.234 35.188.23.46 Container-Optimized OS from Google 4.14.138+ docker://18.9.7
gke-rafal-test-cluster-default-pool-ef8193e3-1bd4 Ready <none> 6m47s v1.13.11-gke.23 192.168.1.230 34.67.114.201 Container-Optimized OS from Google 4.14.138+ docker://18.9.7
gke-rafal-test-cluster-default-pool-ef8193e3-q3c4 Ready <none> 6m47s v1.13.11-gke.23 192.168.1.228 34.69.230.23 Container-Optimized OS from Google 4.14.138+ docker://18.9.7
Any of node EXTERNAL-IP will work, so you can use 35.188.23.46, 4.67.114.201, or 34.69.230.23. It doesn't matter.
If you don't see any EXTERNAL-IP, it may mean that your Kubernetes nodes do not have external IPs, so you just can't access them from outside.
If you run minikube, you can check node ip with the minikube ip command. If you run Docker Desktop Kubernetes, then node ip is localhost.
2. Check Node Port
To check node-port, you can execute the following command.
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
my-release-hazelcast NodePort 10.208.7.24 <none> 5701:31096/TCP 4s
The <node-port> is 31096.
I have a very simple springboot service deployed on minikube in windows 10.
C:\Software\Kubernetes>kubectl get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
myspringbootserver 1/1 1 1 68m
C:\Software\Kubernetes>kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 49d
myspringbootserver NodePort 10.110.179.207 <none> 9080:30451/TCP 6m50s
C:\Software\Kubernetes>minikube service myspringbootserver --url
http://192.168.99.101:30451
But when I try to hit the service from my chrome browser with url
http://192.168.99.101:30451/MySpringBootServer/heartbeat
getting connection refused exception.Not sure what is going wrong.Could anyone help to resolve it please?
enter image description here
Can you curl or wget using the IP address of the pod?
For example kubectl exec -it podname -- curl http://podip:9080/MySpringBootServer/heartbeat
if not, ensure the path is correct
if yes, make sure the pod exists as an endpoint of the service
kubectl get endpoints myspringbootserver
there is a good debugging document regarding services here:
https://kubernetes.io/docs/tasks/debug-application-cluster/debug-application/#debugging-services