K
Q

Enable remote acess to kubernetes pod on local installation

6/16/2016

I'm also trying to expose a mysql server instance on a local kubernetes installation(1 master and one node, both on oracle linux) but I not being able to access to the pod.

The pod configuration is this:

apiVersion: v1
kind: Pod
metadata:
  name: mysql
  labels:
    name: mysql
spec:
  containers:
    - resources:
        limits :
          cpu: 1
      image: docker.io/mariadb
      name: mysql
      env:
        - name: MYSQL_ROOT_PASSWORD
          value: 123456
      ports:
        - containerPort: 3306
          name: mysql

And the service file:

apiVersion: v1
kind: Service
metadata:
  labels:
    name: mysql
  name: mysql
spec:
  type: NodePort 
  ports:
   - port: 3306
      targetPort: 3306
      nodePort: 30306
  selector:
    name: mysql

I can see that the pod is is running:

# kubectl get pod mysql
NAME      READY     STATUS    RESTARTS   AGE
mysql     1/1       Running   0          3d

And the service is connected to an endpoint:

# kubectl describe service mysql
Name:           mysql
Namespace:      default
Labels:         name=mysql
Selector:       name=mysql
Type:           NodePort
IP:         10.254.200.20
Port:           <unset> 3306/TCP
NodePort:       <unset> 30306/TCP
Endpoints:      11.0.14.2:3306
Session Affinity:   None
No events.

I can see on netstat that kube-proxy is listening on port 30306 for all incoming connections.

tcp6       6      0 :::30306                :::*                    LISTEN      53039/kube-proxy

But somehow I don't get a response from mysql even on the localhost.

# telnet localhost 30306
Trying ::1...
Connected to localhost.
Escape character is '^]'.

Whereas a normal mysql installation responds with something of the following:

$ telnet [REDACTED] 3306
Trying [REDACTED]...
Connected to [REDACTED].
Escape character is '^]'.
N
[REDACTED]-log�gw&TS(gS�X]G/Q,(#uIJwmysql_native_password^]

Notice the mysql part in the last line.

On a final note there is this kubectl output:

$ kubectl get service
NAME         CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
kubernetes   10.254.0.1      <none>        443/TCP    9d
mysql        10.254.200.20   nodes         3306/TCP   1h

But I don't understand what "nodes" mean in the EXTERNAL-IP column.

So what I want to happen is to open the access to the mysql service through the master IP(preferrably). How do I do that and what am I doing wrong?

-- Marcelo Lacerda
kubernetes

Similar Questions

How to model stateful components in Kubernetes using replication controller?
Spinnaker on Kubernetes, who discover the kubernetes service named spkr-orca via Environment variables or DNS
How do I set up a DNS container inside docker-compose?
Kubernetes: How are etcd component services health checked?

2 Answers

6/16/2016

The NodePort is exposed on each Node in your cluster via the kube-proxy service. To connect, use the IP of that host (Node01) to connect to:

telnet [IpOfNode] 30306

-- Steve Sloka
Source: StackOverflow
6/22/2016

I'm still not sure how to make clients connect to a single server that transparently routes all connections to the minions.

-> To do this you need a load balancer, which unfortunately is not a default Kubernetes building bloc.

You need to set up a reverse proxy that will send the traffic to the minion, like a nginx pod and a service using hostPort: <port> that will bind the port to the host. That means the pod needs to stay on that node, and to do that you would want to use a DaemonSet that uses the node name as selector for example.

Obviously, this is not very fault tolerant, so you can setup multiple reverse proxies and use DNS round robin resolution to forward traffic to one of the proxy pods.

Somewhere, at some point, you need a fixed IP to talk to your service over the internet, so you need to insure there is a static pod somewhere to handle that.

-- MrE
Source: StackOverflow