How to access to the services in kubernetes cluster when ssh to another VMs via proxy?

12/10/2018

Consider if we build two VMs in a bare-metal server through a network, one is master and another is worker. I ssh to the master and construct a cluster using kubeadm which has three pods and a service with type: ClusterIP. So when I want access to the cluster I do kubectl proxy in the master. Now we can explore the API with curl and wget in the VM which we ssh to it, like this :

$ curl http://localhost:8080/api/

So far, so good! but I want access to the services by my laptop? The localhost which comes above is refer to the bare-metal server! How can access to the services through proxy by my laptop when cluster is placed in another machine?

When I do $ curl http://localhost:8080/api/ in my laptop it says : 127.0.0.1 refused to connect which make sense! But what is the solution to this?

-- Majid Rajabi
kubeadm
kubectl
kubernetes

2 Answers

12/10/2018

If you forward the port 8080 when sshing to master, you can use localhost on your laptop to access the apis on the cluster.

You can try adding the -L flag to your ssh command:

$ ssh -L 8080:localhost:8080 your.master.host.com

Then the curl to localhost will work.

-- Robert Lacok
Source: StackOverflow

12/10/2018

You can also specify an extra arguments to the kubectl proxy command, to let your reverse-proxy server listening on non-default ip address (127.0.0.1) - expose outside

kubectl proxy --port=8001 --address='<MASTER_IP_ADDRESS>' --accept-hosts="^.*
quot;

You can get your Master IP address by issuing following command: kubectl cluster-info

-- Nepomucen
Source: StackOverflow