I am using the local Kubernetes cluster from Docker Desktop on Windows 10. No virtual machines, no minikubes.
I need to expose a port on my localhost for some service.
For example, I take kubernetes-bootcamp image from the official tutorial:
docker pull jocatalin/kubernetes-bootcamp:v2
Put it in the local registry:
docker tag jocatalin/kubernetes-bootcamp:v2 localhost:5000/kubernetes-bootcamp
docker push localhost:5000/kubernetes-bootcamp
Then create a deployment with this image:
kubectl create deployment kubernetes-bootcamp --image=localhost:5000/kubernetes-bootcamp
Then let's expose a port for accessing our deployment:
kubectl expose deployment/kubernetes-bootcamp --type="NodePort" --port 8080
kubectl get services
kubernetes-bootcamp NodePort 10.102.167.98 <none> 8080:32645/TCP 8s
So we found out that the exposed port for our deployment is 32645. Let's try to request it:
curl localhost:32645
Failed to connect to localhost port 32645: Connection refused
And nothing is work.
But if I try port-forward everything is working:
kubectl port-forward deployment/kubernetes-bootcamp 7000:8080
Forwarding from 127.0.0.1:7000 -> 8080
Forwarding from [::1]:7000 -> 8080
Handling connection for 7000
Another console:
curl localhost:7000
Hello Kubernetes bootcamp! | Running on: kubernetes-bootcamp-7b5598d7b5-8qf9j | v=2
What am I doing wrong? I have found out several posts like mine, but none of them help me.
try to run the this CMD:
kubectl get svc | grep kubernetes-bootcamp
after this expose the pod to your network by using the CMD:
kubectl expose pod (podname) --type=NodePort
After that, you can check the URL by using the cmd example
minikube 0r kubectl service (service name) --url
So I have found out the problem root - local Kubernetes cluster somehow work the inappropriate way.
How I solve the problem:
Remove C:\ProgramData\DockerDesktop\pki
Recreate all pods, services, deployments
Now the same script I use before works great.
Related
I'm running minikube using
minikube start --driver=docker
Then I use the followint sample commands to create and expose service
kubectl create deployment hello-minikube1 --image=k8s.gcr.io/echoserver:1.4
kubectl expose deployment hello-minikube1 --type=NodePort --port=8080
Problem
Command minikube service hello-minikube1 --url doesn't return a service url. Using <minikube ip>:<nodePort> also doesn't work - connections just stucks.
I tried creating pods with different images and still can't access external service for it
I launched minikube with the docker driver on a remote machine and I have used a nodePort service for a particular pod. I believe nodePort exposes the port on the minikube docker container. On doing minikube IP it gave me the IP of the docker container in which minikube runs. How can I port map the port from the minnikube container to the host port so that I can access it remotely. A different approach would other than using driver=none or restarting minikube is appreciated as I do not want to restart my spinnaker cluster.
There is a minikube service <SERVICE_NAME> --url command which will give you a url where you can access the service. In order to open the exposed service, the minikube service <SERVICE_NAME> command can be used:
$ minikube service example-minikube
Opening kubernetes service default/hello-minikube in default browser...
This command will open the specified service in your default browser.
There is also a --url option for printing the url of the service which is what gets opened in the browser:
$ minikube service example-minikube --url
http://192.168.99.100:31167
You can run minikube service list to get list of all available services with their corresponding URL's. Also make sure the service points to correct pod by using correct selector.
Try also to execute command:
ssh -i ssh -i ~/.minikube/machines/minikube/id_rsa docker#$(minikube ip) -L *:30000:0.0.0.0:30000
Take a look: minikube-service-port-forward, expose-port-minikube, minikube-service-documentation.
From Pod to localhost, ssh works well. And ping also works well with each other.
There is centos7 in Pod. Also, openssh-server is installed in Pod. But there is always an error.
kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
hadoop-master-pod 1/1 Running 0 39m 10.244.9.25 slave10 <none>
hadoop-secondary-pod 1/1 Running 0 48m 10.244.11.11 slave12 <none>
ssh 10.244.9.25
ssh: connect to host 10.244.9.25 port 22: Connection refused
You should be able to connect using kubectl exec -it hadoop-master-pod -- /bin/bash
Then You can check if your pod in listening on port 22 for 0.0.0.0
Check the iptables if there is nothing blocked.
Make sure openssh is running and on which port it's running.
10.244.9.25 IP is an internal IP address given to pod by Kubernetes ( you can read more about Kubernetes networking model here ) to use inside Kubernets cluster so you won't be able to SSH or even to ping to these IPs from outside the cluster. In other words the network containing 10.244.9.25 is like a private network inside the K8 cluster and your host machine (localhost) is on different network.
If you want to get into the container for example in here you can use kubectl exec -it hadoop-master-pod -- /bin/bash or /bin/sh depending on the shell installed in the container and you can do anything that you tried to do by SSH into the pod.
If you really want to SSH into the pod from localhost (outside the cluster) you can write a Kubernetes Service probably exposing over NodePort which will expose the 22 (default port of SSH) to outside via NodePort.
I am learning kubernetes and using minikube to create single node cluster in my ubuntu machine. In my ubuntu machine Oracle Virtualbox is also installed. As I run
$ minikube start
Starting local Kubernetes v1.6.4 cluster...
...
$ cat ~/.kube/config
apiVersion: v1
clusters:
- cluster:
certificate-authority: /root/.minikube/ca.crt
server: https://192.168.99.100:8443
name: minikube
...
$ kubectl run hello-minikube --image=gcr.io/google_containers/echoserver:1.4 --port=8000
error: failed to discover supported resources: Get https://192.168.99.100:8443/api: Service Unavailable
I am not getting that what is causing this error. Is there some place we can check for logs. I cannot use kubectl logs as it requires container to mention which is not creating at all. Please provide any possible solution to problem.
You can debug using these steps:
kubectl talks to kube-apiserver at port 8443 to do its thing. Try curl -k https://192.168.99.100:8443 and see if there's a positive response. If this fails, it means kube-apiserver isn't running at all. You can try restarting the VM or rebuilding minikube to see if it comes up properly the 2nd time round.
You can also debug the VM directly if you feel brave. In this case, get a shell on the VM spun up by minikube. Run docker ps | grep apiserver to check if the kube-apiserver pod is running. Also try ps aux | grep apiserver to check if it's run natively. If both don't turn up results, check the logs using journalctl -xef.
I am having trouble understanding how ports work when using kubernetes. There are three ports in question
Port that my app is listening on inside the docker container
Port mentioned in kubernetes config file as containerPort
LoadBalancer port when the deployment is exposed as a service
What is the relationship between the above three ports? In my current setup I mention EXPOSE 8000 in my Dockerfile and containerPort: 8000 in kubernetes config file. My app is listening on port 8000 inside the docker container. When I expose this deployment using kubectl expose deployment myapp --type="LoadBalancer", it results in the following service -
$ kubectl get service
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
myapp 10.59.248.232 <some-ip> 8000:32417/TCP 16s
But my curl fails as shown below -
$ curl http://<some-ip>:8000/status/ -i
curl: (52) Empty reply from server
Can someone please explain me how the above three ports work together and what should be their values for successful 'exposure' of my app?
The issue was with my Django server and not Kubernetes or docker. I was starting my server with python manage.py runserver instead of python manage.py runserver 0.0.0.0:8080 which was causing it to return empty responses as the requests were not coming from localhost.