I'm new to gke/gcp and this is my first project.
I'm setting up istio using https://istio.io/docs/setup/kubernetes/quick-start-gke-dm/ tutorial.
I've exposed grafana as shown in the post using:
kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath='{.items[0].metadata.name}') 3000:3000 &
curl http://localhost:3000/dashboard/db/istio-dashboard
gives me http page on terminal, to access it from the browser I'm using master ip I get after executing kubectl cluster-info.
http://{master-ip}:3000/dashboard/db/istio-dashboard is not accessible.
How do I access services using port-forward on gke?
First grab the name of the Pod
$ kubectl get pod
and then use the port-forward command.
$ kubectl port-forward <pod-name> 3000:3000
It worked for me, I've found it from this nice website also explained on detail how to do it. Hope it can be useful.
What (exact) http page is returned by the curl command? Both of these docs [1]&[2] suggest using the url (with localhost) in the browser after setting up a tunnel to Grafana: http://localhost:3000/dashboard/db/istio-dashboard
Alternatively, have you tried with istio-ingressgateway IP address?
[1] https://github.com/GoogleCloudPlatform/gke-istio-telemetry-demo#view-grafana-ui
[2] https://istio.io/docs/setup/kubernetes/quick-start-gke-dm/#grafana
Related
For testing and learning purposes I tried to use istio in microk8s.
microk8s.enable istio
Then
export MYHOST=$(microk8s.kubectl config view -o jsonpath={.contexts..namespace}).bookinfo.com
microk8s.kubectl apply -l version!=v2,version!=v3 -f https://raw.githubusercontent.com/istio/istio/release-1.5/samples/bookinfo/platform/kube/bookinfo.yaml
microk8s.kubectl get pods shows running bookinfo containers.
But when I try to get gateway it shows me nothing.
microk8s.kubectl get gateway
No resources found in default namespace.
microk8s.kubectl get all --all-namespaces shows pod/istio-engressgateway and its IP address.
But I can not access to that IP address, it shows not found.
What am I missing here? I just started Kubernetes and microk8s.
You also need to get bookinfo sample gateway yaml. To get that you must-
microk8s.kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.5/samples/bookinfo/networking/bookinfo-gateway.yaml
That should work..
I created a kubernetes cluster on my debian 9 machine using kind.
Which apparently works because I can run kubectl cluster-info with valid output.
Now I wanted to fool around with the tutorial on Learn Kubernetes Basics site.
I have already deployed the app
kubectl create deployment kubernetes-bootcamp --image=gcr.io/google-samples/kubernetes-bootcamp:v1
and started the kubectl proxy.
Output of kubectl get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
kubernetes-bootcamp 1/1 1 1 17m
My problem now is: when I try to see the output of the application using curl I get
Error trying to reach service: 'dial tcp 10.244.0.5:80: connect: connection refused'
My commands
export POD_NAME=$(kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
curl http://localhost:8001/api/v1/namespaces/default/pods/$POD_NAME/proxy/
For the sake of completeness I can run curl http://localhost:8001/api/v1/namespaces/default/pods/$POD_NAME/ and I get valid output.
The steps from this tutorial module represent environment as if You were working on one of the cluster nodes.
And the command tries to check connectivity to service locally on the node.
However In Your case by running Your kubernetes in a docker (kind) cluster the curl command is most likely ran from the host that is serving the docker containers that have kubernetes in it.
It might be possible to use docker exec to get inside kind node and try to run curl command from there.
Hope this helps.
I'm also doing following the tutorial using kind and got it to work forwarding the port:
kubectl port-forward $POD_NAME 8001:8001
Try add :8080 after the $POD_NAME
curl http://localhost:8001/api/v1/namespaces/default/pods/$POD_NAME:8080/proxy/
I have been able to successfully setup kubernetes on my Centos 7 server.
On trying to get the dashboard working after following the documentation, running 'kubectl proxy' it
attempts to run using 127.0.0.1:9001 and not my server ip. Do this mean I cannot access kubernetes dashboard outside the server?
I need help on getting the dashboard running using my public ip
You can specify on which address you want to run kubectl proxy, i.e.
kubectl proxy --address <EXTERNAL-IP> -p 9001
Starting to serve on 100.105.***.***:9001
You can also use port forwarding to access the dashboard.
kubectl port-forward --address 0.0.0.0 pod/dashboard 8888:80
This will listen port 8888 on all addresses and route traffic directly to your pod.
For instance:
rsha:~$ kubectl port-forward --address 0.0.0.0 deploy/webserver 8888:80
Forwarding from 0.0.0.0:8888 -> 80
In another terminal running
rsha:~$ curl 100.105.***.***:8888
<html><body><h1>It works!</h1></body></html>
As I understand, you would like to access the dashboard from your laptop. What you should do is create an admin account called k8s-admin:
$ kubectl --namespace kube-system create serviceaccount k8s-admin
$ kubectl create clusterrolebinding k8s-admin --serviceaccount=kube-system:k8s-admin --clusterrole=cluster-admin
Then setup kubectl on your laptop, e.g. for macOS it looks like this (see documentation):
$ brew install kubernetes-cli
Setup a proxy to your workstation. Create a ~/.kube directory on your laptop and then scp the ~/.kube/config file from the k8s (Kubernetes) master to your ~/.kube directory.
Then get the authentication token you need to connect to the dashboard:
$ kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep k8s-admin | awk '{print $1}')
Now start the proxy:
$ kubectl proxy
Now open the dashboard by going to:
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
You should see the Token option and then copy-paste the token from the prior step and Sign-In.
You can follow this tutorial.
I am running an application with GKE. It works fine but I can not figure out how to get the external IP of the service in a machine readable format.
So i am searching a gcloud or kubectl command that gives me only the external IP or a url of the format http://192.168.0.2:80 so that I can cut out the IP.
You can use the jsonpath output type to get the data directly without needing the additional jq to process the json:
kubectl get services \
--namespace ingress-nginx \
nginx-ingress-controller \
--output jsonpath='{.status.loadBalancer.ingress[0].ip}'
NOTE
Be sure to replace the namespace and service name, respectively, with yours.
Maybe not GKE as my clusters are on AWS, but I assume logic will be similar. When you kubectl get svc you can select output format and it will show more then just the "normal" get. For me, with ELB based services to het LB hostname it's enough to run ie. kubectl -n kube-system get svc cluster-nginx-ingress-controller -o json | jq .status.loadBalancer.ingress.hostname
In my case 'kubectl get services' returns array of items, but not just one service.
So then such jsonpath works fine to me:
kubectl get services -l component=controller,app=nginx-ingress -o jsonpath="{.items[0].status.loadBalancer.ingress[0].ip}"
...and yet another way... This will list all the "load-balancer" services
kubectl get services --all-namespaces -o json | jq -r '.items[] | { name: .metadata.name, ns: .metadata.namespace, ip: .status.loadBalancer?|.ingress[]?|.ip }'
Depending on the networkPlugin used by your cluster services/pods may be exposed directly on external-ip. But this will also find an Ingress controllers run in the cluster.
To get the external-ip on GCP i can use:
kubectl get services --namespace=<your-namespace> -o jsonpath="{.items[0].status.loadBalancer.ingress[0].ip}"
The answers above do not provide the output the user asked. The correct command would be:
kubectl -n $namespace get svc $ingressServiceName -o json | jq -r .status.loadBalancer.ingress[].hostname
All previous solutions don't work any more for me (on GCP).
To get the IP:
kubectl get ingress <YOUR_INGRESS_NAME> -o jsonpath="{.status.loadBalancer.ingress[0].ip}"
To get the host-name:
kubectl get ingress <YOUR_INGRESS_NAME> -o jsonpath="{.spec.rules[0].host}"
Type
minikube tunnel
or
kubectl cluster-info
You can get the public exposed IP of your relevant service.
I have kubeDNS set up on a bare metal kubernetes cluster. I thought that would allow me to access services as described here (http:// for those who don't want to follow the link), but when I run
curl https://monitoring-influxdb:8083
I get the error
curl: (6) Could not resolve host: monitoring-influxdb
This is true when I run curl on a service name in any namespace. Is this an error with my kubDNS setup or are there different steps I need to take in order to achieve this? I get the expected output when I run the test at the end of this article.
For reference:
kubeDNS controller yaml files
kubeDNS service yaml file
kubelet flags
output of kubectl get svc in default and kube-system namespaces
The service discovery that you're trying to is documented at https://kubernetes.io/docs/concepts/services-networking/dns-pod-service, and is for communications within one pod talking to an existing service, not from nodes (or the master) to speak to Kubernetes services.
You will want to leverage the DNS for the service in form of <servicename>.<namespace> or <servicename>.<namespace>.svc.cluster.local. To see this in operation, kick up an interactive pod with busybox (or use an existing pod of your own) with something like:
kubectl run -i --tty alpine-interactive --image=alpine --restart=Never
and within that shell that is provided there, make an nslookup command. From your example, I'm guessing you're trying to access influxDB from https://github.com/kubernetes/heapster/tree/master/deploy/kube-config/influxdb, then it will be installed into the kube-system namespace, and the service name you'd use from another Pod internally to the cluster would be:
monitoring-influxdb.kube-system.svc.cluster.local
For example:
kubectl run -i --tty alpine --image=alpine --restart=Never
If you don't see a command prompt, try pressing enter.
/ # nslookup monitoring-influxdb.kube-system.svc.cluster.local
Server: 10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
Name: monitoring-influxdb.kube-system.svc.cluster.local
Address 1: 10.102.27.233 monitoring-influxdb.kube-system.svc.cluster.local
As #Michael Hausenblas pointed out in the comments, curl http://monitoring-influxdb:8086 needs to be run from within a pod. Doing that provided the expected results