I am running Knative/Istio in minikube (docker driver) on a Mac computer with Docker for Mac.
kubectl get svc -n istio-system istio-ingressgateway
NAME                   TYPE           CLUSTER-IP     EXTERNAL-IP   PORT(S)                                                                      AGE
istio-ingressgateway   LoadBalancer   10.104.16.88   localhost     15021:30057/TCP,80:31309/TCP,443:31753/TCP,15012:31321/TCP,15443:31887/TCP   14d
Is it possible to configure the Docker daemon in any way so I can expose the "EXTERNAL-IP" localhost to the host machine?
And then further expose the host machine to a DNS server to access container apps in Kubernetes?
{
  "dns": ["8.8.8.8", "127.0.0.1"]
}
To be able to do myapp.default.mydomain.com into Kubernetes within the minikube on the host machine.
Thanks in advance
Run minikube tunnel; this will allocate an EXTERNAL-IP that is reachable from the host. For more info, check the minikube docs.
I'm using Docker Desktop. When I am using NodePort as a service, the application is not accessible for the localhost.
Tried kubectl get svc and the service is NodePort only.
I want to ssh minikube/docker-desktop, but I can't. How can I do that?
NAME       STATUS   ROLES                  AGE     VERSION   INTERNAL-IP    EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION      CONTAINER-RUNTIME
minikube   Ready    control-plane,master   4m47s   v1.20.2   192.168.49.2   <none>        Ubuntu 20.04.2 LTS   4.19.121-linuxkit   docker://20.10.6
ssh minikube
ssh: Could not resolve hostname minikube: nodename nor servname provided, or not known
I am learning K8s and able to ssh while working on K8s hands-on labs available online. I'd like to test some stuff on my local environment.
minikube is the node name within the Kubernetes API, not a hostname in this case. Minikube offers a wrapper minikube ssh command to automate pulling the IP and whatnot. Docker Desktop does not offer an official way to get a shell in the VM as it's a single-purpose appliance and they want it in a known state, but you can fake it by running a super-superuser container like docker run -it --rm --privileged --pid=host justincormack/nsenter1 to break out into the host namespaces.
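The `--privileged --pid=host` container in the answer above gives up the isolation between the container and the VM, so it is worth knowing when one is running. An added example (not part of the original answer) that flags such containers from `docker inspect` JSON; the capability and bind-path watch-lists and the sample records are assumptions constructed for illustration:

```python
import json

# Capabilities that by themselves give near-host control (assumed watch-list).
RISKY_CAPS = {"SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "ALL"}

def host_access_flags(container):
    """Return the host-isolation settings one `docker inspect` record gives up."""
    hc = container.get("HostConfig", {})
    flags = []
    if hc.get("Privileged"):
        flags.append("privileged")
    for field, label in (("PidMode", "host-pid"), ("NetworkMode", "host-network"),
                         ("IpcMode", "host-ipc")):
        if hc.get(field) == "host":
            flags.append(label)
    caps = {c.upper().replace("CAP_", "", 1) for c in hc.get("CapAdd") or []}
    flags += [f"cap:{c}" for c in sorted(caps & RISKY_CAPS)]
    for bind in hc.get("Binds") or []:
        src = bind.split(":")[0]
        if src in ("/", "/var/run/docker.sock"):
            flags.append(f"bind:{src}")
    return flags

def audit(inspect_output):
    """Map container name -> flags, only for containers that have any."""
    report = {}
    for c in inspect_output:
        flags = host_access_flags(c)
        if flags:
            report[c.get("Name", "?").lstrip("/")] = flags
    return report

# Constructed sample in the shape of `docker inspect $(docker ps -q)`.
SAMPLE = json.loads("""[
 {"Name": "/nsenter-shell", "HostConfig": {"Privileged": true, "PidMode": "host",
   "NetworkMode": "default", "IpcMode": "private", "CapAdd": null, "Binds": null}},
 {"Name": "/web", "HostConfig": {"Privileged": false, "PidMode": "",
   "NetworkMode": "bridge", "CapAdd": null, "Binds": ["/srv/site:/usr/share/nginx/html:ro"]}},
 {"Name": "/ci-agent", "HostConfig": {"Privileged": false, "PidMode": "",
   "NetworkMode": "bridge", "CapAdd": ["SYS_ADMIN"], "Binds": ["/var/run/docker.sock:/var/run/docker.sock"]}}
]""")

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE), indent=2))
```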
Shortly, I use GOOGLE COMPUTE ENGINE (external IP: 34.73.89.55, all ports and protocols are opened), then I install Docker, minikube, kubectl. Then:
minikube start --driver=docker
minikube tunnel
kubectl create deployment hello-minikube1 --image=k8s.gcr.io/echoserver:1.4
kubectl expose deployment hello-minikube1 --type=LoadBalancer --port=8080
kubectl get svc
and I get:
NAME              TYPE           CLUSTER-IP       EXTERNAL-IP      PORT(S)          AGE
hello-minikube1   LoadBalancer   10.110.130.109   10.110.130.109   8080:31993/TCP   9m22s
My question is, why the EXTERNAL-IP did not match with the host's external IP: 34.73.89.55? How can I access this service remotely by the host's external IP (ex: I'm at home and access via browser)?
Ps: I would like to use GOOGLE COMPUTE ENGINE.
EDIT:
I also try:
sudo minikube start --driver=none
sudo kubectl create deployment hello-minikube1 --image=k8s.gcr.io/echoserver:1.4
sudo kubectl expose deployment hello-minikube1 --type=NodePort --port=8080
wget 127.0.0.1:8080
=>not work
By default minikube expects to run in a separate VM. This can be changed by explicitly specifying a driver.
Why the EXTERNAL-IP did not match with the host's external IP?
Because minikube uses a tunnel which creates a route to services deployed with type LoadBalancer and sets their Ingress to their ClusterIP. For a detailed example see this documentation.
How can I access this service remotely by the host's external IP?
I see two options here:
1. More recommended: Set --driver=none
   Minikube also supports a --driver=none option that runs the Kubernetes components on the host and not in a VM. Using this driver requires Docker and a Linux environment but not a hypervisor.
2. Might be less ideal: Use port forwarding (either using iptables or proxy). This might be less ideal.
Also remember that minikube was created for testing purposes on localhost. Keep that in mind while using it.
EDIT:
When going for --driver=none you can:
- Use NodePort type instead of LoadBalancer.
- Continue using LoadBalancer with a modified Service by adding:
spec:
  externalIPs:
  - <host_address>
For example:
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: hello-minikube1
  name: hello-minikube1
spec:
  externalIPs:
  - <host_address>
  ports:
  - port: 8080
    protocol: TCP
    targetPort: 8080
  selector:
    app: hello-minikube1
  type: LoadBalancer
status:
  loadBalancer: {}
The above was tested and resulted in EXTERNAL IP = HOST IP.
Please let me know if that helped.
I am trying to deploy the nginx image from Docker Hub to a Kubernetes cluster.
These are the steps I did:
docker pull nginx
kubectl run nginx --image=nginx --port=8080 --image-pull-policy=IfNotPresent
kubectl expose deployment nginx --type=LoadBalancer --port=80 --target-port=8080 --name=nginx
xxx#cloudshell:~ (involuted-ratio-227118)$ kubectl get svc
NAME         TYPE           CLUSTER-IP      EXTERNAL-IP    PORT(S)        AGE
kubernetes   ClusterIP      10.51.240.1     <none>         443/TCP        2d
nginx        LoadBalancer   10.51.252.202   34.73.115.78   80:30355/TCP   8m
nginx-http   ClusterIP      10.51.254.159   <none>         80/TCP         1d
Below is the error displayed on accessing external endpoint URL -
The following error was encountered while trying to retrieve the URL: http://34.73.115.78/
Connection to 34.73.115.78 failed.
The system returned: (111) Connection refused
The remote host or network may be down. Please try the request again.
Your cache administrator is webmaster.
But I see nginx deployed and also service endpoint showing without any errors in kubernetes-dashboard. I even checked nginx pod logs and this is what is displayed -
The selected container has not logged any messages yet.
Any help is appreciated. Thanks
nginx runs on port 80, but you are trying to connect on port 8080. That's why you are getting the error. Try this instead:
kubectl run nginx --image=nginx --port=80 --image-pull-policy=IfNotPresent
kubectl expose deployment nginx --type=LoadBalancer --port=80 --target-port=80 --name=nginx
From Pod to localhost, ssh works well. And ping also works well with each other.
There is centos7 in Pod. Also, openssh-server is installed in Pod. But there is always an error.
kubectl get pods -o wide
NAME                   READY   STATUS    RESTARTS   AGE   IP             NODE      NOMINATED NODE
hadoop-master-pod      1/1     Running   0          39m   10.244.9.25    slave10   <none>
hadoop-secondary-pod   1/1     Running   0          48m   10.244.11.11   slave12   <none>
ssh 10.244.9.25
ssh: connect to host 10.244.9.25 port 22: Connection refused
You should be able to connect using kubectl exec -it hadoop-master-pod -- /bin/bash
Then you can check if your pod is listening on port 22 for 0.0.0.0.
Check the iptables if there is nothing blocked.
Make sure openssh is running and on which port it's running.
10.244.9.25 is an internal IP address given to the pod by Kubernetes (you can read more about the Kubernetes networking model here) to use inside the Kubernetes cluster, so you won't be able to SSH or even ping these IPs from outside the cluster. In other words, the network containing 10.244.9.25 is like a private network inside the K8 cluster and your host machine (localhost) is on a different network.
If you want to get into the container for example in here you can use kubectl exec -it hadoop-master-pod -- /bin/bash or /bin/sh depending on the shell installed in the container and you can do anything that you tried to do by SSH into the pod.
If you really want to SSH into the pod from localhost (outside the cluster) you can write a Kubernetes Service probably exposing over NodePort which will expose the 22 (default port of SSH) to outside via NodePort.
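An added example, not from any of the posts above, that inventories which Service ports are reachable from outside the cluster through the mechanisms the answers discuss (externalIPs, LoadBalancer, NodePort) and marks the SSH-over-NodePort case. It reads the JSON shape of `kubectl get svc -A -o json`; the sample data, the service name pod-ssh, the address 203.0.113.10 and the sensitive-port list are constructed for illustration:

```python
import json

# Assumed watch-list for this example; 22 is the SSH case from the last answer.
SENSITIVE_PORTS = {22: "ssh", 2375: "docker-api", 10250: "kubelet"}

def exposure_findings(service_list):
    """List every way a Service port is reachable from outside the cluster."""
    findings = []
    for svc in service_list.get("items", []):
        meta, spec = svc.get("metadata", {}), svc.get("spec", {})
        name = f"{meta.get('namespace', 'default')}/{meta.get('name')}"
        stype = spec.get("type", "ClusterIP")
        ingress = svc.get("status", {}).get("loadBalancer", {}).get("ingress") or []
        addrs = list(spec.get("externalIPs") or [])
        addrs += [i.get("ip") or i.get("hostname") for i in ingress]
        for port in spec.get("ports") or []:
            paths = [f"{a}:{port['port']}" for a in addrs]
            if stype in ("NodePort", "LoadBalancer") and port.get("nodePort"):
                paths.append(f"<any-node>:{port['nodePort']}")
            if not paths:
                continue  # ClusterIP only: not reachable from outside
            target = port.get("targetPort", port["port"])
            hits = {SENSITIVE_PORTS[p] for p in (port["port"], target)
                    if p in SENSITIVE_PORTS}
            findings.append({"service": name, "type": stype,
                             "reachable_at": sorted(set(paths)),
                             "sensitive": sorted(hits)})
    return findings

# Constructed sample in the shape of `kubectl get svc -A -o json`.
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"name": "hello-minikube1", "namespace": "default"},
  "spec": {"type": "LoadBalancer", "externalIPs": ["203.0.113.10"],
           "ports": [{"port": 8080, "targetPort": 8080, "nodePort": 31993}]},
  "status": {"loadBalancer": {}}},
 {"metadata": {"name": "pod-ssh", "namespace": "default"},
  "spec": {"type": "NodePort",
           "ports": [{"port": 2222, "targetPort": 22, "nodePort": 30022}]}},
 {"metadata": {"name": "kubernetes", "namespace": "default"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 443, "targetPort": 6443}]}}
]}
""")

if __name__ == "__main__":
    for f in exposure_findings(SAMPLE):
        print(f)
```

The check looks at targetPort as well as port, so an SSH daemon published under a different service port is still marked.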