How to locally access influx db deployed on GCP kubernetes - kubernetes

Influxdb 1.8 is deployed on kubernets using helm charts. influx db is deployed as Stateful Set that exposes a service with one running pods. Am able to ssh into running pods using kubectl exec command and its running fine. I can also see databases using influx cli after logging into pods
But i need to access this influx db on my local system to execute queries directly from my system using curl command. Deployed influxdb has no external IP/DNS. It ha internal endpoint that usually starts with 10...*
Can anybody guide me on how can i access influxdb on my local system using curl command?

You can use the kubectl port-forward command. You can use it to either map a Pod or a Service TCP port to a port on your local machine:
> kubectl port-forward service/your-influxdb-service 8086:8086
^ ^
| |
local port remote/service port
While that command is running, kubectl will forward all connections to your local port 8086 to the same port of your InfluxDB service. All traffic will be funneled through kubectl and your API server, so this is not exactly suited for high-throughput scenarios, but should be sufficient for occasional debugging and testing.

Related

access postgres in kubernetes from an application outside the cluster

Am trying to access postgres db deployed in kubernetes(kubeadm) on centos vms from another application running on another centos vm. I have deployed postgres service as 'NodePort' type. My understanding is we can deploy it as LoadBalancer type only on cloud providers like AWS/Azure and not on baremetal vm. So now am trying to configure 'ingress' with NodePort type service. But am still unable to access my db other than using kubectl exec $Pod-Name on kubernetes master.
My ingress.yaml is
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: postgres-ingress
spec:
backend:
serviceName: postgres
servicePort: 5432
which does not show up any address as below
NAME HOSTS ADDRESS PORTS AGE
postgres-ingress * 80 4m19s
am not even able to access it from pgadmin on my local mac. Am I missing something?
Any help is highly appreciated.
Ingress won't work, it's only designed for HTTP traffic, and the Postgres protocol is not HTTP. You want solutions that deal with just raw TCP traffic:
A NodePort service alone should be enough. It's probably the simplest solution. Find out the port by doing kubectl describe on the service, and then connect your Postgres client to the IP of the node VM (not the pod or service) on that port.
You can use port-forwarding: kubectl port-forward pod/your-postgres-pod 5432:5432, and then connect your Postgres client to localhost:5432. This is my preferred way for accessing the database from your local machine (it's very handy and secure) but I wouldn't use it for production workloads (kubectl must be always running so it's somewhat fragile and you don't get the best performance).
If you do special networking configuration, it is possible to directly access the service or pod IPs from outside the cluster. You have to route traffic for the pod and service CIDR ranges to the k8s nodes, this will probably involve configuring your VM hypervisors, routers and firewalls, and is highly dependent on what networking (CNI) plugin are you using for your Kubernetes cluster.

Difference between kubectl port-forwarding and proxy

kubectl proxy and kubectl port-forwarding look similar and confusing to me, what are their main differences and use cases?
As mentioned in "How kubectl port-forward works?"
kubectl port-forward forwards connections to a local port to a port on a pod.
Compared to kubectl proxy, kubectl port-forward is more generic as it can forward TCP traffic while kubectl proxy can only forward HTTP traffic.
As an example, see "Kubernetes port forwarding simple like never before" from Alex Barashkov:
Port forwarding mostly used for the purpose of getting access to internal cluster resources and debugging.
How does it work?
Generally speaking, using port forwarding you could get on your ‘localhost’ any services launched in your cluster.
For example, if you have Redis installed in the cluster on 6379, by using a command like this:
kubectl port-forward redis-master-765d459796-258hz 7000:6379
you could forward Redis from the cluster to localhost:7000, access it locally and do whatever you want to do with it.
For a limited HTTP access, see kubectl proxy, and, as an example, "On Securing the Kubernetes Dashboard" from Joe Beda:
The easiest and most common way to access the cluster is through kubectl proxy. This creates a local web server that securely proxies data to the dashboard through the Kubernetes API server.
As shown in "A Step-By-Step Guide To Install & Use Kubernetes Dashboard" from Awanish:
kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
Accessing Dashboard using the kubectl
kubectl proxy
It will proxy server between your machine and Kubernetes API server.
Now, to view the dashboard in the browser, navigate to the following address in the browser of your Master VM:
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

Kompose doesn't bring up localhost for openzipkin and Elastic

I am new to K8s and I am trying to migrate my service (which currently utilizes docker-compose.yml) to k8s. My service
deploys zipkin and elasticsearch
and these can be accessed at 'localhost:9411' and 'localhost:9200' respectively.
The most commonly used solution I found online was 'kompose' and I tried to run,
kompose up
2.
kompose convert
kubectl apply -f *****-deployment.yaml, ****-service.yaml
Once I finish this, I run kubectl get pods and I can see my deployments, but elasticsearch and zipkin are no more responsive on their respective localhost ports.
Ouput of 'kubectl get pods'
Output of 'docker ps'
Output of curl http://localhost:9200
Can someone tell me why this is happening and how to debug?
It is solved now; all I had to do was port forwarding.
kubectl port-forward zipkin-774cc77659-g929n 9411:9411
Thanks,
By default you service is exposed as ClusterIP, in this case your service will be accessible from within your cluster.
You can use port forwarding "With this connection in place you can use your local workstation to debug your application that is running in the pod" as described in the answer above.
Another approach is to use other "service types" like NodePort.
You can find more information here Publishing services (ServiceTypes)

Minikube networking

I have a Linux build machine that I have installed minikube too. Within the minikube instance I have installed artifactory which I will be using for storing various build artifacts
I now want to be able to do some work on my dev machine (which is an unrelated laptop on the same network as the Linux build machine) and push some built artifacts into artifactory.
However I can't figure out how to get to artifactory. When I ssh to the Linux server and check the minikube service I can see that the artifactory instance is running on a 192.168 address.
Is there any way to expose artifactory ie access it on the windows machine? Or is this not possible and I should just install artifactory on the Linux machine rather than in minikube?
Expose you artifactory Service
$ minikube service <artifactory-service> -n <namespace>
Or get the URL
$ minikube service <artifactory-service> -n <namespace> --url
If you want to access from remote, you need to do something else.
Suppose, when you run minikube service <artifactory-service> -n <namespace> --url, you get following
http://192.168.99.100:30654
You can access artifactory in minikube using this URL. But can't access from remote.
Now do this, expose port 30654
ssh -i ~/.minikube/machines/minikube/id_rsa docker#$(minikube ip) -L \*:30654:0.0.0.0:30654
You will be able to access from other network.
Yes, we need an ingress controller (like nginx) to expose a kubernetes service for external access.
There are three ways to create the nginx ingress service using kubernetes per https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types and expose it for external access:
LoadBalancer service type which sets the ExternalIP automatically. This is used when there is an external non-k8s, cloud-provider's load-balancer like CGE, AWS or Azure, and this external load-balancer would provide the ExternalIP for the nginx ingress service.
ExternalIPs per https://kubernetes.io/docs/concepts/services-networking/service/#external-ips.
NodePort. In this approach, the service can be accessed from outside the cluster using NodeIP:NodePort/url/of/the/service.
Along with the nginx ingress controller, you'll need an ingress resource too. Refer https://github.com/nginxinc/kubernetes-ingress/tree/master/examples/complete-example for examples.
Keep in mind that Minikube is a small VM with a small docker registry by default. So, it may not be possible to store a lot of build artifacts in Minikube.
To get this to work in the end I setup ingress on minikube and then through entries in hosts file and nginx as a reverse proxy managed to get things working.

Exposing kubernetes service locally (without minikube)

I'm using lxc/lxd to play with the kubenetes cluster.
Is there a way to expose a deployed service locally without using minikube, so that I could access it from the local machine?
I can access it from any of the nodes in the cluster but not from outside.
Do you want to acccess the pod being served by the service? if yes, you can use kubectl port-forward to connect to your pod and access it locally
Here is an example:
If you have a service which forwards all the requests to a pod ( nginx ) at port number 80 you can configure it to your local port as follows
kubectl port-forward -n default nginx-5767f4d585-hgtfj 8081:80
Here is the syntax of the same
kubectl port-forward -n NAMESPACE ${POD} local-port:pod-port
If you want to connect to your service directly, you need to do it via kubectl proxy
Here is a reference
Hope it helps.