Kubernetes Service Access in AWS

1/9/2019

I am new to K8s and need help.

I have created an HA Cluster of Kubernetes in AWS with Private DNS.

I used `type: LoadBalancer` and am getting an External IP through which I am accessing my service in the browser, but the problem is that the External IP is PUBLIC and anyone can easily access it, which I don't want.

I used NodePort and got endpoints, but I am not able to access them in the browser.

Now the question is:

How do I spin up private container services in k8s on AWS which are private and which only I can access?

-- Ankit Singh
amazon-ec2
amazon-web-services
kubernetes

2 Answers

1/9/2019

A ClusterIP type Service won't be reachable from outside the cluster.

For debugging purposes, on reasonably current Kubernetes, you can set up a port forward to the Service

kubectl port-forward service/my-service 8888:80

though this isn't a good way to access it in anything that looks even a little bit like a production environment: IME it falls over somewhat routinely and needs to be restarted.

-- David Maze
Source: StackOverflow

1/9/2019

If you're using AWS load balancers in services, you can specify that you want an internal load balancer only:

metadata:
    name: my-service
    annotations:
        service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0

You can read more about this here: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer

-- Karol Samborski
Source: StackOverflow
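
The difference between the public Service from the question and the internal one from the second answer, written out as two full manifests. This is an added example, not part of the original question or answers: the `my-service-public` name, the `app: my-app` selector, the ports and the `10.0.0.0/16` CIDR are assumptions, and `loadBalancerSourceRanges` is an extra restriction the answers do not mention.

```yaml
# Constructed example. The selector, ports and CIDR are assumptions.
# Before: a plain LoadBalancer Service. On AWS this provisions an
# internet-facing load balancer, so the EXTERNAL-IP hostname is public.
apiVersion: v1
kind: Service
metadata:
  name: my-service-public        # hypothetical name for the "before" case
spec:
  type: LoadBalancer
  selector:
    app: my-app                  # assumed pod label
  ports:
    - port: 80
      targetPort: 8080           # assumed container port
---
# After: the same Service, provisioned as an internal load balancer.
apiVersion: v1
kind: Service
metadata:
  name: my-service
  annotations:
    # Value as given in the answer above; quoted so it is always a string.
    service.beta.kubernetes.io/aws-load-balancer-internal: "0.0.0.0/0"
spec:
  type: LoadBalancer
  # Optional second layer: restricts which client CIDRs may connect
  # through the load balancer. 10.0.0.0/16 is an assumed VPC CIDR.
  loadBalancerSourceRanges:
    - 10.0.0.0/16
  selector:
    app: my-app
  ports:
    - port: 80
      targetPort: 8080
```

After applying the second manifest, the hostname shown under EXTERNAL-IP by `kubectl get service my-service` should resolve only to private addresses inside the VPC.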