I'm trying to figure out how to run an openvpn server inside a pod using the UDP protocol.
Since it's easier to test using http than openvpn connections, I also have an nginx container running inside the same pod as the openvpn container.
I can get everything working inside the cluster, but I cannot expose this nginx service to the Internet using my elastic IP.
Network is Weave.
Kubernetes version is 1.6.
I have set the externalIPs field in the service.yaml to my elastic IP address. I cannot use type LoadBalancer since my protocol is UDP.
Service:

    # kubectl describe service openvpn
    Name:              openvpn
    Namespace:         default
    Labels:            name=openvpn
    Annotations:       kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"name":"openvpn"},"name":"openvpn","namespace":"default"},"spec":{"externalI...
    Selector:          name=openvpn
    Type:              NodePort
    IP:                100.71.93.74
    External IPs:      <my_elastic_ip>
    Port:              openvpn 1194/UDP
    NodePort:          openvpn 30726/UDP
    Endpoints:         100.120.0.1:1194
    Port:              http 80/TCP
    NodePort:          http 30000/TCP
    Endpoints:         100.120.0.1:80
    Session Affinity:  None
    Events:            <none>

Endpoints:

    # kubectl get endpoints openvpn
    NAME      ENDPOINTS                          AGE
    openvpn   100.120.0.1:80,100.120.0.1:1194    20h

I have followed https://kubernetes.io/docs/tasks/debug-application-cluster/debug-service/ and everything works inside the cluster.
I have allocated the elastic IP to this specific instance manually using the AWS Console. All security groups are updated.
So is it even possible to connect to a pod inside a Kubernetes cluster using an elastic IP attached to that host node? If it is, how do I do that?
You can try NodePort type. With the following then you can access the service via <node-ip>:30080:

    apiVersion: v1
    kind: Service
    metadata:
      labels:
        app: app
      name: app-service
      namespace: default
    spec:
      ports:
      - name: ext
        nodePort: 30080
        protocol: UDP
        port: 80
      selector:
        app: app
      type: NodePort

Rather than use an IP address you could get K8S to use the type: LoadBalancer, which will set up a Classic AWS ELB. From there you could CNAME a domain / sub-domain to the ELB and access the service that way?
A quick example:

    apiVersion: v1
    kind: Service
    metadata:
      name: myapp        # Service names must be lowercase DNS labels
      labels:
        app: MyApp
    spec:
      type: LoadBalancer
      ports:
      - port: 80
        targetPort: 80
        name: myapp      # port names must be lowercase as well
      selector:
        app: MyApp
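
A pre-flight check over the Service manifests discussed in this thread, as an added example that is not part of the question or either answer. It is written in Python with the manifests embedded as dicts; `lint_service`, the sample inputs and the stand-in address 203.0.113.10 are constructed here, and the externalIPs finding assumes the usual AWS behaviour where an elastic IP is translated to the instance's private address before packets reach the node.

```python
import ipaddress
import re

# Service names must be DNS-1035 labels; port names are checked with a
# simplified form of the rule (lowercase alphanumerics and '-', max 15 chars).
DNS_LABEL = re.compile(r"^[a-z]([-a-z0-9]{0,61}[a-z0-9])?$")
PORT_NAME = re.compile(r"^[a-z0-9]([-a-z0-9]{0,13}[a-z0-9])?$")
NODEPORTS = range(30000, 32768)  # default --service-node-port-range
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def lint_service(svc):
    """Return a list of findings for a Service manifest given as a dict."""
    out = []
    spec = svc.get("spec", {})
    name = svc.get("metadata", {}).get("name", "")
    if not DNS_LABEL.match(name):
        out.append(f"metadata.name {name!r} is not a lowercase DNS label")
    for p in spec.get("ports", []):
        proto = p.get("protocol", "TCP")  # Kubernetes defaults to TCP
        if "name" in p and not PORT_NAME.match(p["name"]):
            out.append(f"port name {p['name']!r} is not valid")
        if proto == "UDP" and spec.get("type") == "LoadBalancer":
            out.append(f"{p['port']}/UDP on LoadBalancer: Classic ELB has no UDP listener")
        if "nodePort" in p and p["nodePort"] not in NODEPORTS:
            out.append(f"nodePort {p['nodePort']} is outside 30000-32767")
    for ip in spec.get("externalIPs", []):
        # Assumption: a public address here is NAT'd (AWS elastic IP), so packets
        # arrive addressed to the node's private IP and this rule never matches.
        if not any(ipaddress.ip_address(ip) in net for net in RFC1918):
            out.append(f"externalIP {ip} is public: nodes behind NAT never see it")
    return out


# Constructed inputs: the asker's Service (203.0.113.10 stands in for the
# elastic IP) and the second answer's manifest with the asker's UDP port.
ASKER = {"metadata": {"name": "openvpn"}, "spec": {
    "type": "NodePort", "externalIPs": ["203.0.113.10"], "ports": [
        {"name": "openvpn", "port": 1194, "protocol": "UDP", "nodePort": 30726},
        {"name": "http", "port": 80, "protocol": "TCP", "nodePort": 30000}]}}
ELB_UDP = {"metadata": {"name": "MyApp"}, "spec": {
    "type": "LoadBalancer", "ports": [
        {"name": "MyApp", "port": 1194, "protocol": "UDP"}]}}

if __name__ == "__main__":
    for label, svc in (("asker", ASKER), ("elb-udp", ELB_UDP)):
        for finding in lint_service(svc):
            print(f"{label}: {finding}")
```
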