Kubernetes : Expose service internally within VPN

7/27/2018

I've created a Kubernetes cluster using kops:

kops create cluster \
    --dns-zone=vpc.abc.in \
    --master-zones=ap-southeast-1a,ap-southeast-1b,ap-southeast-1c \
    --zones=ap-southeast-1a,ap-southeast-1b,ap-southeast-1c \
    --node-count 3 \
    --topology private \
    --networking flannel-vxlan \
    --node-size=t2.medium \
    --master-size=t2.micro \
    ${NAME}

I'm using a private topology and an internal load balancer.

Whenever I create a service of type=LoadBalancer, it creates a public-facing ELB and the URL is publicly accessible.

I want to deploy Elasticsearch and Kibana and make them available only inside the VPN. We already have a VPN set up.

How do I make a service accessible within the VPN?

-- prranay
elasticsearch
kibana
kops
kubernetes

1 Answer

7/27/2018

Add the following annotation to your service definition:

service.beta.kubernetes.io/aws-load-balancer-internal: '"true"'

Full example:

kind: Service
apiVersion: v1
metadata:
  name: my-service
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-internal: '"true"'
spec:
  selector:
    app: MyApp
  ports:
  - protocol: TCP
    port: 80
    targetPort: 9376
  type: LoadBalancer

This will provision an internal ELB rather than external.

-- jaxxstorm
Source: StackOverflow
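
An added example, not part of the original question or answer: a check that lists every Service of type LoadBalancer that lacks the internal annotation and would therefore get a public-facing ELB. The service list is a constructed sample, the helper names are hypothetical, and treating any non-empty value other than "false" as internal is an assumption about how the AWS cloud provider reads the annotation.

```python
import json
import sys

INTERNAL = "service.beta.kubernetes.io/aws-load-balancer-internal"

def requests_internal_elb(annotations):
    # Assumption: any non-empty value other than "false" requests an internal ELB.
    # Surrounding quotes are stripped so the '"true"' form from the answer is accepted.
    value = (annotations or {}).get(INTERNAL, "").strip().strip('"').lower()
    return value not in ("", "false")

def public_load_balancers(service_list):
    """Return sorted namespace/name of LoadBalancer Services that would get a public ELB."""
    findings = []
    for svc in service_list.get("items", []):
        if svc.get("spec", {}).get("type") != "LoadBalancer":
            continue  # ClusterIP / NodePort services do not provision an ELB
        meta = svc.get("metadata", {})
        if not requests_internal_elb(meta.get("annotations")):
            findings.append(f"{meta.get('namespace', 'default')}/{meta.get('name')}")
    return sorted(findings)

def make_service(namespace, name, svc_type, annotations=None):
    """Build a minimal Service object for the constructed sample below."""
    meta = {"namespace": namespace, "name": name}
    if annotations is not None:
        meta["annotations"] = annotations
    return {"kind": "Service", "metadata": meta, "spec": {"type": svc_type}}

# Constructed sample shaped like `kubectl get services --all-namespaces -o json`.
SAMPLE = {"kind": "List", "items": [
    make_service("logging", "elasticsearch", "LoadBalancer", {INTERNAL: '"true"'}),
    make_service("logging", "kibana", "LoadBalancer"),  # annotation missing
    make_service("logging", "kibana-admin", "LoadBalancer", {INTERNAL: "false"}),
    make_service("default", "my-service", "LoadBalancer", {INTERNAL: "true"}),
    make_service("default", "kubernetes", "ClusterIP"),
]}

if __name__ == "__main__":
    # With a file argument, audit saved kubectl JSON; otherwise use the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            data = json.load(fh)
    else:
        data = SAMPLE
    for name in public_load_balancers(data):
        print("public-facing ELB:", name)
```

To audit a live cluster, save the output of `kubectl get services --all-namespaces -o json` to a file and pass its path as the first argument.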