I'm new to Kubernetes but was able to easily create my own Kubernetes cluster using Kubespray. Furthermore I made myself familiar with Kubernete's terminology/concepts and therefore was able to create an example Pod/Deployment which runs as expected. Unfortunately I'm not able to access my Containers from the external network which is within my company's intranet. I'm not allowed to post the actual IP addresses so I'll use a fictive intranet of 47.11.x.y
My cluster consists of 3 bare metal nodes:
Master (47.11.91.155)
Node1 (47.11.91.97)
Node2 (47.11.91.98)Furthermore I own the additional intranet IP address 47.11.91.101 which I want to use in order to access my-example application. I tried several commands in various combinations which I found in the official docs as well as other SO articles but was only able to forward the application's port 4711 to my local workstation using
kubectl port-forward my-example-67795fd77d-mkrhw 4711:4711This works fine if I do an nc localhost 4711 afterwards at least to prove that I fundamentally set up my stuff "correctly". The application successfully writes my input from nc's STDIN to the mounted file /my-data/my-data.txt (/tmp/my-data.txt) on the node's filesystem and is able to pull my custom Docker image from my private Docker registry (47.11.91.42) which therefore is located on the intranet as well.
Could you please explain me what I would have to do in order to connect my-example with the official external intranet IP address 47.11.91.101 so I can access my-example using something like this:
nc 47.11.91.101 4711
My definition file looks like this:
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: my-example
labels:
app: my-example
spec:
replicas: 1
template:
metadata:
name: my-example
labels:
app: my-example
spec:
containers:
- name: my-example
image: my.private.docker.registry:5002/my-example:latest
imagePullPolicy: IfNotPresent
command: ["echo", "The example is working correctly within Kubernetes."]
- name: my-example-port
image: my.private.docker.registry:5002/my-example:latest
imagePullPolicy: Always
ports:
- name: myport
containerPort: 4711
resources:
requests:
cpu: 512m
memory: 512Mi
command: ["/bin/bash","-c","nc -k -l 4711 > /my-data/my-data.txt"]
volumeMounts:
- mountPath: /my-data
name: data
volumes:
- name: data
hostPath:
path: /tmp
type: Directory
imagePullSecrets:
- name: my-priavte-docker-secrets
---
apiVersion: v1
kind: Service
metadata:
name: my-example-service
labels:
app: my-example
spec:
selector:
app: my-example
ports:
- port: 4711
targetPort: 4711
protocol: TCP
externalIPs:
- 47.11.91.101It's created using kubectl create -f my-example-deployment.yml.
Please let me know if you need further information. Thanks in advance!
You can achieve what you want by using a Load Balancer and force it to use your fourth IP 47.11.91.101, if you ware using a supported cloud provider (not sure about your intranet in bare-metal though). This seems to be added by https://github.com/kubernetes/kubernetes/pull/13005 .
https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
Some other useful resources:
https://kubernetes.io/docs/tasks/access-application-cluster/port-forward-access-application-cluster/
https://kubernetes.io/docs/tutorials/stateless-application/expose-external-ip-address/
https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/