I am testing k8s on ubuntu using virtual box.
I have two nodes, one is master, another is worker node.
I deployed a pod containing nginx server container for test.
I can access the webpage deployed by the pod on master node with commands below
kubectl port-forward nginx-server 8080:80
curl localhost:8080
but I want to open this page on my host os(windows10) using chrome web browser
This is how I set port-forwading on virtual-box...
simply answer your question, use address args for the kubectl command:
kubectl port-forward --address 0.0.0.0 nginx-server 8080:80
here is the explanation:
kubectl port-forward bind to localhost by default
the port forward for your virtual box is bind to 10.100.0.104
0.0.0.0 will bind the port to both localhost and 10.100.0.104
change 0.0.0.0 to 10.100.0.104 will also work for 10.100.0.104 access, but not the localhost
and also, when exposing a port, you could use a NodePort service: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport
Related
I have a kubernetes cluster in which in one of the docker container I am running django.
It is listening on port 8999
http://0.0.0.0:8999
Whereas the service is listening on port 8444
I need to access django admin from outside so I did port forward
kubectl port-forward service/django-service 8444:8444
But it is not loading the page. I am not sure if I should port forward the 8444 or 8999.
Please advise.
say your django app is running in a container inside a pod naming -
'django-75f59d57f4-4nd6q'
Verify that the django-75f59d57f4-4nd6q is running in the Pod, and listening on port 8999
kubectl get pod django-75f59d57f4-4nd6q --template='{{(index (index .spec.containers 0).ports 0).containerPort}}{{"\n"}}'
If you get - 8999 in the result
and if you want to port-forward it to 8444
do this -
kubectl port-forward django-75f59d57f4-4nd6q 8444:8999
and if you have named the service as django-service as then do
kubectl port-forward service/django-service 8444:8999
Is there a corresponding command with kubectl to:
ssh -L8888:rds.aws.com:5432 example.com
kubectl has port-forward you can also specify --address but that strictly requires an IP address.
The older answer is valid.
Still, a workaround would be to use something like
https://hub.docker.com/r/marcnuri/port-forward
kubectl run --env REMOTE_HOST=your.service.com --env REMOTE_PORT=8080 --env LOCAL_PORT=8080 --port 8080 --image marcnuri/port-forward test-port-forward
Run it on the cluster and then port forward to it.
kubectl port-forward test-port-forward 8080:8080
Short answer, No.
In OpenSSH, local port forwarding is configured using the -L option:
ssh -L 80:intra.example.com:80 gw.example.com
This example opens a connection to the gw.example.com jump server, and forwards any connection to port 80 on the local machine to port 80 on intra.example.com.
By default, anyone (even on different machines) can connect to the specified port on the SSH client machine. However, this can be restricted to programs on the same host by supplying a bind address:
ssh -L 127.0.0.1:80:intra.example.com:80 gw.example.com
You can read the docs here.
The port-forward in Kubernetes works only within the cluster, you can forward traffic that will hit specified port to Deployment or Service or a Pod
kubectl port-forward TYPE/NAME [options] [LOCAL_PORT:]REMOTE_PORT [...[LOCAL_PORT_N:]REMOTE_PORT_N]
--address flag is to specify what to listen on 0.0.0.0 means everything localhost is as name and you can set an IP on which it can be listening on.
Documentation is available here, you can also read Use Port Forwarding to Access Applications in a Cluster.
One workaround you can use if you have an SSH server somewhere on the Internet is to SSH to your server from your pod, port-forwarding in reverse:
# Suppose a web console is being served at
# http://my-service-8f6717ab-e.default:8888/
# inside your cluster:
kubectl exec -it my-job-f523b248-7htj6 -- ssh -R8888:my-service-8f6717ab-e.default:8888 user#34.23.1.2
Then you can connect to the service inside Kubernetes from outside of it. If the SSH server is not local to you, you can SSH to it from your local machine with a normal port forward:
me#my-macbook-pro:$ ssh -L8888:localhost:8888 user#34.23.1.2
Then point your browser to http://localhost:8888/
I have a service which is accessible on 8081. If I do via docker-compose or swarm without any specific changing on port it's work.
http://$(minikube ip):8081
but when i run my app via Kubernetes(minikube) is assign a nodePort in range of 30000-32767.
Then i have to call as follow:
http://$(minikube ip):30546
which is not acceptable from my service. Is there any way to map randomly given port to my own defined port?
When call second url then i am getting connection refused
I also used
kubectl port forward my-service 8081
but still no success.
kubectl port-forward command is incorrect. try below one
kubectl port-forward svc/my-service 8081:8081
then you should be able to access the service at http//:127.0.0.1:8081
This answer is not specific to Minikube but applicable to any Kubernetes cluster running inside a docker container.
In order to send a request from the host machine to the Kubernetes pod running in a container, you have to map ports from host machine to all the way to the pod.
Here is how you do it:
Publish the NodePort you want to use inside container to the host machine using --publish or -p.
# Map port 8080 on host machine to 31080 inside the container
docker run -p 8080:31080 ...
Use a custom NodePort when creating the service:
# You need to specify the exposed port as the nodePort value
# Otherwise Kubernetes will generate a random nodePort for you
kubectl create service nodeport myservice --node-port=31080 --tcp=3000:80
The application inside the pod listens to port 80 which is exposed as a service at port 3000. The traffic received at port 31080 on Kubernetes node will be directed at this service.
The query you send to 8080 on your host machine will follow this path:
Request -> Host Machine -> Docker Container -> Kubernetes Node -> Service -> Pod
↑ ↑ ↑ ↑ ↑
localhost:8080 :31080 :31080 :3000 :80
References:
https://docs.docker.com/engine/reference/commandline/run/
https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#-em-service-nodeport-em-
The script I want to deploy listens to :4123 and k8s probably expose only :80 by default. How can I expose :4123 such that my script will be able to accept requests?
I tried port forwarding but there's a permission error to forward :80 to :4123 and k8s didn't allow to deploy an image that listens to :80 (since it's probably busy already).
You can choose which port to use locally, so you can just choose that the local port 8888 will be forwarded to the port 4123 in your container
kubectl port-forward your-pod 8888:4123
You can use 8888 or any other free port on your computer.
As advised by #fiunchinho, local port forwarding might help in your case. Adding --address 0.0.0.0 to this command makes it avaiable for all your interfaces like below:
$ kubectl port-forward --address 0.0.0.0 nginx-55bd7c9fd-6fpnx 8888:80
You can also expose it via External LoadBalancer like below:
kubectl expose <your-deploy> --port 80 --target-port 4123 --type LoadBalancer
Note: You need to have cloud provider in order to use type: LoadBalancer. For more info check Cloud providers in the Kubernetes documentation.
See Kubernetes documentation for more details:
Forward a local port to a port on the pod
Exposing an External IP Address to Access an Application in a Cluster
I installed minikube on my mac and created deployment and a service for my nodejs app. I tested that everything is working by getting the URL of my service using the following command:
minikube service my-nodejs-app --url
and then I run this URL in the browser and got results. The problem is when i tried to access the same URL from another machine inside the same network it didn't worked.
my service.yml file is:
apiVersion: v1
kind: Service
metadata:
name: my-nodejs-app
spec:
type: NodePort
ports:
- port: 80
targetPort: 1337
protocol: TCP
name: app-server
selector:
app: my-nodejs-app
I tried to use port forwarding to forward my pod port to my localhost and it works only on the same machine who host the cluster and when I try to access from another machine on the same network (via the IP address of the machine where the cluster deployed) I still get page not found.
You can use "port forward a service". Assuming:
Your local machine IP: 166.6.6.6 (which hold minikube)
Your minikube IP: 192.168.99.100 (check the real IP with command $minikube ip)
The nodePort of your service 'my-nodejs-app': 31000 (check the real
nodePort with command: $kubectl get service)
In order to access your service from remote, you can forward a port (like 31000, recommend the same port with nodePort) to your service through the following command in your local machine:
ssh -i ~/.minikube/machines/minikube/id_rsa docker#$(minikube ip) -L \*:31000:0.0.0.0:31000
Then you can access your service through URL: http://166.6.6.6:31000, which will be forwarded to your service URL http://192.168.99.100:31000
Thx: https://github.com/kubernetes/minikube/issues/877
Probably a bit late, but if anyone still having this issue-
Check the list of services and the one you want to expose if it is present
kubectl get svc -n {namespace_name}
Change the type to NodePort if it is of cluster IP type.
kubectl patch svc {service_name} -n {namespace_name} --type='json' -p '[{"op":"replace","path":"/spec/type","value":"NodePort"}]'
Expose the above Node Port available to your local machine now for other machines on same network:
service_port=$(minikube service {service_name} -n {namespace_name} --url | cut -d':' -f3)
ssh -i ~/.minikube/machines/minikube/id_rsa docker#$(minikube ip) -NL \*:${service_port}:0.0.0.0:${service_port}
Now you can access the above service from other machines on same network by just hitting the link-
{your_hostname}:{node_port}
Sounds like reaching it from another machine compares to exposing a ssevice to the web.
In that case you need to look into spec/type:LoadBalancer (http://kubernetes.io/docs/user-guide/load-balancer/)
That said, with minikube i'd stick to a single machine and development only tests
If I understand your problem correctly:
Your machine's IP: 192.168.1.4
Your minikube IP: 192.168.99.100
Accessing your service from a browser on your machine: http://192.168.99.100:30080
Now, let's say you're on another machine, say192.168.1.5, and you want to access this service.
The problem is that you need to map your machine's port to minikube's 30080 because minikube is a VM running on your machine (which cannot be accessed from outside your machine).
So you can try: Virtualbox "port forward" from Guest to Host.
Another alternative is to forward a port from your localhost to a pod directly (not the k8s svc unfortunately) by using kubectl port-forward.
You have not specified nodePort in ports.
Add below configuration in port
nodePort: 30000
You can access your service at http://[IP address]:30000