Allow external application to send data to a specific POD_IP:PORT

12/13/2016

I need help to figure out how to port a current-working VM-based solution to a container-based solution using Kubernetes.

Scenario

An application is made of two components (let's call them master and slave). A master instance is always up, while 0 or more slaves can be running.

Current flow is:

  1. master is assumed up
  2. one (or more) slaves start-up
  3. slave sends a HELLOWORLD message to https://MASTER_IP:9090, with some specs like own CPU and RAM
  4. slave starts listening on port 8080
  5. master infers slave's IP from TCP headers (step 3)
  6. master fills a running-slaves table with information found during steps 3 and 5
  7. when a new job is available, master sends it to https://A_SPECIFIC_SLAVE_IP:8080
  8. slave does its job
  9. slave sends output to https://MASTER_IP:9090

Notes and requirements:

A. during steps 3 and 9 slave acts as client and master acts as server (I mean slave begins the communication, while master is listening)

B. during step 3 slave doesn't need to discover master's IP, it's a configuration setting.

C. during step 7 slave acts as server and master acts as client (opposite to A)

D. slaves never send their own IP explicitly to the master (steps 3 and 5)

E. slaves will be containerized but not the master

F. Master lives on the same local network where k8s-nodes live, but master is out of kubernetes' control. It should be seen as an external service/api to connect to.

Using a POD for each slave, I can get an IP for each slave, but as far as I can see, this IP is part of k8s' internal network:

X. how to let the master deduce POD's IP? (step 3-4)

Y. how to reach a specific POD from the outside? (step 7)

I'm looking into ingress now, but I feel something is still missing.

Thank you.

-- sgs
kubernetes

1 Answer

12/13/2016

Does it matter what job goes to what slave? Because in Kubernetes, you would have a load balancer (like an nginx instance) as your proxy from the outside, and then you need to use a Kubernetes Service targeting the slave Pods.

The point of Kubernetes is not to worry about where the Pods live, just to be able to reach one of them when needed, which is what a Service does: it looks at Pods with a specific label (or set of labels) and proxies traffic to one of them in a round robin or client-IP based fashion.

There are some ways you could reach specific Pods:

  • use a Service per slave Pod: then your nginx proxy can forward traffic to (a) specific Pod, wherever it is in the cluster. Obviously this is not very convenient to automate.

  • use StatefulSets (formerly PetSets) behind an Ingress: with StatefulSet you can access a Pod by name+index, and with Ingress you can specify a parametric URL to proxy your traffic.

  • maybe the easiest: use a VPN into the cluster: then you can access each Pod by their FQDN (usually servicename.svc.namespace.cluster.local)

-- MrE
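
The first two options in the answer above can be combined. The manifest below is an added example, not part of the original answer: a StatefulSet gives each slave a stable name, and one NodePort Service per Pod makes a specific slave reachable on port 8080 from the master's network. The names `slave` and `slave-0`, the image, the replica count and the node port 30080 are assumptions chosen for illustration.

```yaml
# Headless Service: gives every StatefulSet Pod a stable in-cluster DNS record,
# e.g. slave-0.slave.default.svc.cluster.local (assuming namespace "default"
# and the default cluster domain).
apiVersion: v1
kind: Service
metadata:
  name: slave
spec:
  clusterIP: None
  selector:
    app: slave
  ports:
    - name: jobs
      port: 8080
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: slave
spec:
  serviceName: slave          # must match the headless Service above
  replicas: 2                 # Pods are named slave-0, slave-1
  selector:
    matchLabels:
      app: slave
  template:
    metadata:
      labels:
        app: slave
    spec:
      containers:
        - name: slave
          image: registry.example/slave:1.0   # placeholder image
          ports:
            - containerPort: 8080             # port the slave listens on (step 4)
---
# One Service per slave Pod. The StatefulSet controller labels each Pod with
# statefulset.kubernetes.io/pod-name, so the selector matches exactly one Pod.
apiVersion: v1
kind: Service
metadata:
  name: slave-0
spec:
  type: NodePort
  selector:
    statefulset.kubernetes.io/pod-name: slave-0
  ports:
    - port: 8080
      targetPort: 8080
      nodePort: 30080         # master reaches slave-0 at ANY_NODE_IP:30080
```

A NodePort is open on every node, so each per-Pod port should be restricted at the node firewall to the master's address; a second Service (`slave-1`, with its own node port) is needed for every additional replica.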
Source: StackOverflow