K
Q

How to access Kubernetes NodePort service in browser?

1/14/2018

I have created a deployment for jenkins in Kubernetes. The pod is running fine, I've created a service to access jenkins on service-ip:8080 but it seems not to work. When I create an ingress above the service I can access it using the public ip.

kind: Service
apiVersion: v1
metadata:
  name: jenkins-ui
  namespace: jenkins
spec:
  type: NodePort
  selector:
    app: jenkins
  ports:
    - protocol: TCP
      port: 8080
      targetPort: 8080
      name: ui

I created my service as described above:

$ kubectl get svc --namespace=jenkins

NAME               TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
jenkins-ui         NodePort    10.47.xx.xx     <none>        8080:30960/TCP   1d

I tried to access: 10.47.xx.xx:8080 but I was not able to access the jenkins UI. What am I doing wrong? I also tried 10.47.xx.xx:30960

I want to access my jenkins UI using a service but I want to keep it private in my cluster. (ingress makes it public).

UPDATE:

$ kubectl describe svc jenkins-ui --namespace jenkins
Name:                     jenkins-ui
Namespace:                jenkins
Labels:                   <none>
Annotations:              <none>
Selector:                 app=jenkins
Type:                     NodePort
IP:                       10.47.xx.xx    Port:                     ui  8080/TCP
TargetPort:               8080/TCP
NodePort:                 ui  30960/TCP
Endpoints:                10.44.10.xx:8080
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

accessing the pod on 10.44.10.xx:8080 does not work too.

-- DenCowboy
google-cloud-platform
jenkins
kubernetes
service

Similar Questions

Setting concurrency Kubernetes Cronjob
Changing tags dynamically
Kubernetes deployment without a port
Using helm client on google cloud

1 Answer

1/14/2018

If I understand correctly, you want any container running in your cluster to be able to access your jenkins service, but you don't want your jenkins service to be accessible outside your cluster to something like your browser?

In this case:

curl http://jenkins-ui.default:8080
curl http://10.47.10.xx:8080

will work perfectly fine from inside any container in your kubernetes cluster.

Also, you cannot access it 10.47.10.xx:8080 from outside your cluster because that IP is only valid/available inside your kubernetes cluster.

If you want to access it from outside the cluster an ingress controller or to connect on http://<node-ip>: 30960 is the only way to connect to the jenkins-ui k8s service and thus the pod behind it.

EDIT: Use kubectl port-forward

In development mode, if you want to access a container running internally, you can use kubectl port-forward:

kubectl port-forward <jenkins-ui-pod> 9090:8080

This way, http://localhost:9090 will show you the jenkins-ui screen because you have kubectl access.

kubectl port-forward doesn't work for services yet: https://github.com/kubernetes/kubernetes/issues/15180

-- iamnat
Source: StackOverflow