I've been learning Kubernetes recently and just came across this small issue. For some sanity checks, here is the functionality of my grpc app running locally:
> docker run -p 8080:8080 -it olamai/simulation:0.0.1
< omitted logs >
> curl localhost:8080/v1/todo/all
{"api":"v1","toDos":[{}]}
So it works! All I want to do now is deploy it in Minikube and expose the port so I can make calls to it. My end goal is to deploy it to a GKE or Azure cluster and make calls to it from there (again, just to learn and get the hang of everything.)
Here is the yaml I'm using to deploy to minikube
And this is what I run to deploy it on minikube
> kubectl create -f deployment.yaml
I then run this to get the url
> minikube service sim-service --url
http://192.168.99.100:30588
But this is what happens when I make a call to it
> curl http://192.168.99.100:30588/v1/todo/all
curl: (7) Failed to connect to 192.168.99.100 port 30588: Connection refused
What am I doing wrong here?
EDIT: I figured it out, and you should be able to see the update in the linked file. I had pull policy set to Never so it was out of date 🤦
I have a new question now... I'm now able to just create the deployment in minikube (no NodePort) and still make calls to the api... shouldn't the deployment need a NodePort service to expose ports?
I checked your yaml file and it works just fine. But only I realized that you put 2 types for your services, LoadBalancer and also NodePort which is not needed.
As if you check from this documentation definition of LoadBalancer, you will see
LoadBalancer: Exposes the service externally using a cloud provider’s
load balancer. NodePort and ClusterIP services, to which the external
load balancer will route, are automatically created.
As an answer for your next question, you probably put type: LoadBalancer to your deployment yaml file, that's why you are able to see NodePort anyway.
If you put type: ClusterIP to your yaml, then service will be exposed only within cluster, and you won't able to reach to your service outside of cluster.
From same documentation:
ClusterIP: Exposes the service on a cluster-internal IP. Choosing this
value makes the service only reachable from within the cluster. This
is the default ServiceType
Related
I am working on rancher server, k3s to improve my knowledge on these solutions.
I want to expose container services on LAN network, this is why I used kubectl port-forward.
kubectl port-forward --namespace=ns-name --address LAN-IP service/hello 30104:8080
But I can see in several web resources that is not a reliable solution, just for local testing purpose.
I tried to replace them by ingress but I am a bit lost between ingress, DNS and nginx-ingress in addition to rancher component.
I understood than load balancer need a cloud provider, to have a public IP for instance, and handle the <pending> state of load balancer.
Can you highlight me on how replace port-forward in LAN without a cloud provider?
[edit #Rajesh Dutta]
I already use NodePort, but, without port-forward the service is exposed as NODE_IP:PORT, not LAN_IP:PORT. My need is to join it from outside of the cluster.
So this is what i did :
1 - create deployment
kubectl create deployment hello --image=gcr.io/google-samples/node-hello:1.0 --port=8080 --replicas=2
2 - expose deployment(create service)
kubectl expose deployment hello --type=NodePort
3 - forward service
kubectl port-forward --namespace=ns-name --address local-ip service/hello 30104:8080
IP schema
Now, considering that i will have several service, i would find the best ways to replace port-forward.
To start with I would recommend to use NodePort service. This will expose your application to a NodePort(30000-32767). Later if you want you can choose to switch to ingress.
Assuming that you are trying with a deployment type object
command:
kubectl expose deployment deployment-name --type=NodePort --port=8080 --target-port=<rancher server port>
I am deploy kubernetes UI using this command:
kubectl apply -f kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
And it response "Unable to connect to the server: dial tcp 185.199.110.133:443: i/o timeout"
I behind proxy, how can i fix it?
All the services that you deployed via the supplied url don't have a kind specified. This means they will be using the default service type which is ClusterIP.
Services of Kind ClusterIP are only accessible from inside your Kubernetes Cluster.
If you want the Dashboard to be accessible from outside your Cluster, you will need a service of type NodePort. A NodePort Service will assign a random high number port on all your nodes on which your application, in this case the k8s dashboard, will be accessible via ${ip-of-any-node}:${assigned-nodeport}.
For more information, please take a look at the official k8s documentation.
If your cluster is behind a proxy, also make sure, that you can reach your clusters node's external ip from wherever you are trying to send the request from.
In order to find out what port number has been assigned to your NodePort service use kubectl describe service ${servicename} or kubectl get service ${servicename} -o yaml
I am deploy kubernetes UI using this command:
kubectl apply -f kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
And it response "Unable to connect to the server: dial tcp 185.199.110.133:443: i/o timeout"
I behind proxy, how can i fix it?
All the services that you deployed via the supplied url don't have a kind specified. This means they will be using the default service type which is ClusterIP.
Services of Kind ClusterIP are only accessible from inside your Kubernetes Cluster.
If you want the Dashboard to be accessible from outside your Cluster, you will need a service of type NodePort. A NodePort Service will assign a random high number port on all your nodes on which your application, in this case the k8s dashboard, will be accessible via ${ip-of-any-node}:${assigned-nodeport}.
For more information, please take a look at the official k8s documentation.
If your cluster is behind a proxy, also make sure, that you can reach your clusters node's external ip from wherever you are trying to send the request from.
In order to find out what port number has been assigned to your NodePort service use kubectl describe service ${servicename} or kubectl get service ${servicename} -o yaml
I am new to Kubernetes. I have searched that you can use a LoadBalancer or NodePort to expose services. I am trying to follow tutorials on https://kubernetes.io/docs/tutorials/.
I am able to expose service with LoadBalancer but not NodePort. Here is the command I used.
kubectl expose deployment/kubernetes-bootcamp --type="NodePort" --port 8080
I guess you're specifically following 'Use a Service to Access an Application in a Cluster'
Just to note in an answer what you came to already in the comments, you don't set a --port parameter on the expose in that example and just on the run. You set the port that the Pod responds to in the run command but not the port exposed externally in expose - k8s will choose that for you automatically from the NodePort range and then tell you which one it chose. Then you find a public IP for a node in order to access.
I am trying to deploy a jupyter notebook from Kubernetes; however, when I start jupyter and it prints a local host link, I am unable to open it on my computer because it's a "local host." Hence, it needs to be opened within the container.
However, I was unable to find any type of GUI desktop for kubernetes and I'm unsure how to open a browser to fire up the link. I saw some things about minikube. Is there a way to do this without using minikube?
The reason I am trying to install without minikube is because minikube requires hyper V and I have Windows 10 Home which is not compatible with hyper V.
The most common way to access an application in a pod is to use Service.
After creation, a Service object is assigned with a unique IP address (ClusterIP) which remains the same during the whole lifespan of the Service object. Pods can use this ClusterIP and port to access a subset of pods with labels matched to Service selector. When several pods are matched, Service chooses one of them as a destination by round-robin principle.
For example:
You can create a Service for your 2 nginx replicas with kubectl expose:
$ kubectl expose deployment/my-nginx
service "my-nginx" exposed
This is equivalent to kubectl create -f nginx-svc.yaml
with nginx-svc.yaml content as:
apiVersion: v1
kind: Service
metadata:
name: my-nginx
labels:
run: my-nginx
spec:
ports:
- port: 80
protocol: TCP
selector:
run: my-nginx
How to check your Service:
$ kubectl get svc my-nginx
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
my-nginx 10.0.162.149 <none> 80/TCP 21s
In some parts of your applications, you may want to expose Service onto an external IP address. Kubernetes supports two ways of doing this: NodePorts and LoadBalancers.
NodePort mode reserves one port on all cluster nodes and forwards traffic coming to this port to the pod which is matched to the selector.
In LoadBalancer mode, Service creates cloud load balancer and forwards traffic from the load balancer to the pod which is matched to the selector.
You can read more about it in the document Connecting Applications with Services
To avoid creating all these objects manually, you can use helm to generate and run objects based on a template for a particular application. Here is helm repository for jupiter notebook:
https://github.com/UNINETT/helm-charts
Kubernetes has WebUI called Dashboard. It doesn´t deploy by default, but it´s easy to deploy when you need it.
To deploy Dashboard, execute the following command:
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
To access Dashboard from your local workstation, you must create a secure channel to your Kubernetes cluster. Run the following command:
$ kubectl proxy
Now access Dashboard at:
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/.
To find out how to create sample user and log in, follow Creating sample user guide.
Since version 1.7 Dashboard by default has a minimal set of privileges and can only be accessed over HTTPS. Access Control guide can help you to extend user permissions.
In case you are limited with OS version, you can use free Oracle VirtualBox for minikube.