Expose Kubernetes Ingress to LAN computers - kubernetes

I have computer A and B on LAN:
A at IP 192.168.0.104
B at IP 192.168.0.110
On computer B I have a Kubernetes service with ingress:
path hello
host hello-node.com
minikube ip is 192.168.49.2
/etc/hosts has a line:
192.168.49.2 hello-node.com
On B I see the service response to hello-node.com/hello but not to
192.168.49.2/hello. On 192.168.49.2/hello I see 404 error from nginx.
How do I access either hello-node.com/hello or 192.168.49.2/hello from computer A?
I do not want to rely on any 3rd party service (load balancer etc)
info:
minikube version: v1.16.0
$ kubectl cluster-info
Kubernetes control plane is running at https://192.168.49.2:8443
KubeDNS is running at https://192.168.49.2:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Workaround without using ingress, but NodePort expose command. From link from #mariusz-k
kubectl expose deployment/hello-node --type="NodePort" --port 8080
SERVICE_NODE_IP=$(minikube ip)
FORWARD_PORT=8090
SERVICE_NODE_PORT=$(kubectl get services/hello-node -o go-template='{{(index .spec.ports 0).nodePort}}')
ssh -i ~/.minikube/machines/minikube/id_rsa docker#$SERVICE_NODE_IP -NL \*:$FORWARD_PORT:0.0.0.0:$SERVICE_NODE_PORT


You need to get the address of Computer B (the cluster ip) and then connect to it.
# Get the cluster "master" ip
$ kubectl cluster-info
Kubernetes master is running at https://<the desired ip/DNS record>......:443
# use the above ip to get the content of your service
curl -vsI <ip>/hello


You can access your minikube service from another machine by following steps from this github issue:
service_name=web # This is what you need to replace with your own service
service_port=$(minikube service $service_name --url | cut -d':' -f3)
ssh -i ~/.minikube/machines/minikube/id_rsa docker#$(minikube ip) -NL \*:${service_port}:0.0.0.0:${service_port}
After that your service will be available under `<minikube's-host-ip>:

Related

How to connect kubernetes pod server on guest os from host os

I am testing k8s on ubuntu using virtual box.
I have two nodes, one is master, another is worker node.
I deployed a pod containing nginx server container for test.
I can access the webpage deployed by the pod on master node with commands below
kubectl port-forward nginx-server 8080:80
curl localhost:8080
but I want to open this page on my host os(windows10) using chrome web browser
This is how I set port-forwading on virtual-box...

simply answer your question, use address args for the kubectl command:
kubectl port-forward --address 0.0.0.0 nginx-server 8080:80
here is the explanation:
kubectl port-forward bind to localhost by default
the port forward for your virtual box is bind to 10.100.0.104
0.0.0.0 will bind the port to both localhost and 10.100.0.104
change 0.0.0.0 to 10.100.0.104 will also work for 10.100.0.104 access, but not the localhost
and also, when exposing a port, you could use a NodePort service: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport

How to access to the services in kubernetes cluster when ssh to another VMs via proxy?

Consider if we build two VMs in a bare-metal server through a network, one is master and another is worker. I ssh to the master and construct a cluster using kubeadm which has three pods and a service with type: ClusterIP. So when I want access to the cluster I do kubectl proxy in the master. Now we can explore the API with curl and wget in the VM which we ssh to it, like this :
$ curl http://localhost:8080/api/
So far, so good! but I want access to the services by my laptop? The localhost which comes above is refer to the bare-metal server! How can access to the services through proxy by my laptop when cluster is placed in another machine?
When I do $ curl http://localhost:8080/api/ in my laptop it says :
127.0.0.1 refused to connect
which make sense! But what is the solution to this?

If you forward the port 8080 when sshing to master, you can use localhost on your laptop to access the apis on the cluster.
You can try adding the -L flag to your ssh command:
$ ssh -L 8080:localhost:8080 your.master.host.com
Then the curl to localhost will work.

You can also specify an extra arguments to the kubectl proxy command, to let your reverse-proxy server listening on non-default ip address (127.0.0.1) - expose outside
kubectl proxy --port=8001 --address='<MASTER_IP_ADDRESS>' --accept-hosts="^.*$"
You can get your Master IP address by issuing following command: kubectl cluster-info

Routing an internal Kubernetes IP address to the host system

While running Minikube, I want to connect to a server that has the annoying habit of announcing itself to a service registry with its internal IP address from inside its pod.
However for legacy reasons I have to connect to this registry first and retrieve that server's ip address from it. The only way to access this server from my dev machine, it seems to me, is bridging to the internal network, so I can access the networking of the Minikube. Is there an easy way to do this?

You can add a route to the k8 internal network from localhost
Add a route to the internal network using the minikube ip address
$ sudo ip route add 172.17.0.0/16 via $(minikube ip) # linux
$ sudo route -n add 172.17.0.0/16 $(minikube ip) # OSX
your subnet mask could be found using kubectl get service command
Test the route by deploying a test container and connect to it from localhost
$ kubectl run monolith --image=kelseyhightower/monolith:1.0.0 --port=80
$ IP=$(kubectl get pod -l run=monolith -o jsonpath='{.items[0].status.podIP }')
$ curl http://$IP
{"message":"Hello"}
You can also add a route to K8 master
sudo route -n add 10.0.0.0/24 $(minikube ip)
This is only useful for local development, you should use NodePort or LoadBalancer for exposing pods in production.

If I understand correctly: You are trying to expose a server from within minikube to your host network. This can be done a few ways:
The first is to create a NodePort Service for your server/pod. You can then run minikube service list to get the url for your service:
$ minikube service list
|-------------|----------------------|-----------------------------|
| NAMESPACE | NAME | URL |
|-------------|----------------------|-----------------------------|
| default | kubernetes | No node port |
| default | <your-service> | http://192.168.99.100:<port>|
| kube-system | kube-dns | No node port |
| kube-system | kubernetes-dashboard | http://192.168.99.100:30000 |
|-------------|----------------------|-----------------------------|
The second is to use kubectl proxy and proxy the port you want to your local machine. This method does not require you to create a service, it should work with your current configuration.
kubectl proxy --port=<port-you-want-access-on-server>
This will then make the proxied port available at localhost:port
If you are just trying to get the IP address of a pod, this command should work (from How to know a Pod's own IP address from a container in the Pod?):
kubectl get pod $POD_NAME --template={{.status.podIP}}
Also if you just need to access minikube's internal network you can use:
minikube ssh
Which will drop you into minikube's VM

Access NodePort service from another machine in the same network

I installed minikube on my mac and created deployment and a service for my nodejs app. I tested that everything is working by getting the URL of my service using the following command:
minikube service my-nodejs-app --url
and then I run this URL in the browser and got results. The problem is when i tried to access the same URL from another machine inside the same network it didn't worked.
my service.yml file is:
apiVersion: v1
kind: Service
metadata:
name: my-nodejs-app
spec:
type: NodePort
ports:
- port: 80
targetPort: 1337
protocol: TCP
name: app-server
selector:
app: my-nodejs-app
I tried to use port forwarding to forward my pod port to my localhost and it works only on the same machine who host the cluster and when I try to access from another machine on the same network (via the IP address of the machine where the cluster deployed) I still get page not found.

You can use "port forward a service". Assuming:
Your local machine IP: 166.6.6.6 (which hold minikube)
Your minikube IP: 192.168.99.100 (check the real IP with command $minikube ip)
The nodePort of your service 'my-nodejs-app': 31000 (check the real
nodePort with command: $kubectl get service)
In order to access your service from remote, you can forward a port (like 31000, recommend the same port with nodePort) to your service through the following command in your local machine:
ssh -i ~/.minikube/machines/minikube/id_rsa docker#$(minikube ip) -L \*:31000:0.0.0.0:31000
Then you can access your service through URL: http://166.6.6.6:31000, which will be forwarded to your service URL http://192.168.99.100:31000
Thx: https://github.com/kubernetes/minikube/issues/877

Probably a bit late, but if anyone still having this issue-
Check the list of services and the one you want to expose if it is present
kubectl get svc -n {namespace_name}
Change the type to NodePort if it is of cluster IP type.
kubectl patch svc {service_name} -n {namespace_name} --type='json' -p '[{"op":"replace","path":"/spec/type","value":"NodePort"}]'
Expose the above Node Port available to your local machine now for other machines on same network:
service_port=$(minikube service {service_name} -n {namespace_name} --url | cut -d':' -f3)
ssh -i ~/.minikube/machines/minikube/id_rsa docker#$(minikube ip) -NL \*:${service_port}:0.0.0.0:${service_port}
Now you can access the above service from other machines on same network by just hitting the link-
{your_hostname}:{node_port}

Sounds like reaching it from another machine compares to exposing a ssevice to the web.
In that case you need to look into spec/type:LoadBalancer (http://kubernetes.io/docs/user-guide/load-balancer/)
That said, with minikube i'd stick to a single machine and development only tests

If I understand your problem correctly:
Your machine's IP: 192.168.1.4
Your minikube IP: 192.168.99.100
Accessing your service from a browser on your machine: http://192.168.99.100:30080
Now, let's say you're on another machine, say192.168.1.5, and you want to access this service.
The problem is that you need to map your machine's port to minikube's 30080 because minikube is a VM running on your machine (which cannot be accessed from outside your machine).
So you can try: Virtualbox "port forward" from Guest to Host.
Another alternative is to forward a port from your localhost to a pod directly (not the k8s svc unfortunately) by using kubectl port-forward.

You have not specified nodePort in ports.
Add below configuration in port
nodePort: 30000
You can access your service at http://[IP address]:30000

minikube fowarding to a service

I have a service that directs all traffic to a UI-pod. I want to redirect traffic from my localhost:80 to that service.
I have tried :
kubectl port-forward my_service 6379:6379
This doesnt work because that service is actually supposed to be a pod.
I have tried:
kubectl proxy --port=8080 --www=./local/www/
which looks for a pod too. Any suggestions?

Unfortunately in kubernetes you can't port forward a service yet - https://github.com/kubernetes/kubernetes/issues/15180
However, in minikube, you can use ssh port forwarding for the VM to achieve the same result
ssh -i ~/.minikube/machines/minikube/id_rsa docker#$(minikube ip) -L 30000:localhost:30000