How to access Google Kubernetes Engine FTP Server by FileZilla

5/11/2018

I created a gcePresistentDisk and made a cluster and mount it. here is the yaml file, which is reference by https://github.com/aledv/kubernetes-ftp :

Deployment.yaml

apiVersion: apps/v1beta1 # for versions before 1.6.0 use extensions/v1beta1
kind: Deployment
metadata:
  name: my-ftp
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: my-ftp
    spec:
      volumes:
      - name: task-pv-storage
        gcePersistentDisk:
          pdName: my-disk
          fsType: ext4
      containers:
      - name: my-ftp-container
        image: fauria/vsftpd
        ports:
        - containerPort: 21
          protocol: TCP
          name: "ftp-server"
        volumeMounts:
        - mountPath: "/home/vsftpd"
          name: task-pv-storage
        env:
        - name: FTP_USER
          value: "user"
        - name: FTP_PASS
          value: "password"

Service.yaml

apiVersion: v1
kind: Service
metadata:
  name: my-ftp-service
  labels:
    app: my-ftp
spec:
  type: LoadBalancer
  ports:
    - port: 21
      nodePort: 30080
  selector:
    app: my-ftp

Ingress.yaml

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ftp-ftp-ingress
spec:
  backend:
    serviceName: ftp-ftp-service
    servicePort: 21

and I created them all. I tried

$kubectl get service rushbit-ftp-service --watch

to get ip and use FileZilla connect the ip with username and password. I also tried port 30080, but still timeout.

Did I miss something?

-- 黃皓哲
ftp
kubernetes
server
yaml

3 Answers

1/5/2019

For those who encounter the issue,you can try the following:

In the deployment.yaml, specify the passive mode min and max port range.

 env: 
  - name: PASV_ADDRESS
    value: "127.0.0.1"
  - name: PASV_MIN_PORT
    value: "31100"
  - name: PASV_MAX_PORT
    value: "31101"

Then, in the service.yaml, specify the ports from the deployment.yaml.

ports:
 - name: port1
   port: 21
   nodePort: 30080
 - name: port2
   port: 31100
   nodePort: 31100
 - name: port3
   port: 31101
   nodePort: 31101

In such way, your FTP client should be able to work in client mode.

-- mengjiann
Source: StackOverflow

5/11/2018

You mixed two types of deployed service in one configuration: LoadBalancer and Ingress.

It does not work.

You should expose FTP service from Ingress, not from LoadBalancer.

I deployed the example configuration you provided in GitHub, and it worked.

After all, I’ve checked if Ingress controller is listening on proper IP address and port:

kubectl get ingres | grep ftp

You can also check if there are any issues in the GCE firewall configuration:

gcloud compute firewall-rules list
-- d0bry
Source: StackOverflow

10/16/2019

I think you need to create a secret.

echo -n 'admin' | base64 YWRtaW4=

secret.yaml

apiVersion: v1

kind: Secret

metadata:

name: name-pass

type: Opaque

data:

password: YWRtaW4=

and then in module spec you need to add

spec:

  containers:

  - image: mysql:5.7

    name: mysql

    env:

    - name: MYSQL_ROOT_PASSWORD

      valueFrom:

        secretKeyRef:

          name: name-pass

          key: password
-- noute
Source: StackOverflow