EC2/Kubernetes - How to access clustered flask service through NodePort on EC2?

4/28/2019

I have created a Kubernetes cluster (1x Master / 2x Workers) that is running a containerised Flask web app. I have created a deployment/service on the master node which exposes a NodePort to access the application running on the workers under :5000.

The app pods are active and the NodePort service is available. Due to the cluster running on an AWS EC2 instance with its own IPs however, I am unable to access the clustered app through the NodePort IP address.

I am pondering the easiest way for me to access the clustered Flask app through :5000 through my local browser?

Background so far:

  • I have done a lot of reading regarding Kubernetes Ingress and AWS ELB/ALB NGINX Ingress to get around this issue; however, from what I have tried, I have not been able to set up this routing. It seems quite complex as is and I have not been able to find any easily understandable resources to apply to my situation.

  • I thought that an easier solution may be to set up a simple NGINX reverse proxy that runs on my Master node to translate traffic coming in through [ec2_public_ip]:5000 to [nodeport-cluster-ip]:5000. This just seemed to hang and time out after 60 seconds however.

This is my cluster setup:

NAME                               READY   STATUS    RESTARTS   AGE
pod/anagram-app-55996478f5-mdnlg   1/1     Running   0          13m
pod/anagram-app-55996478f5-qkn7p   1/1     Running   0          13m

NAME                  TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE
service/anagram-app   NodePort    10.108.225.119   <none>        5000:30230/TCP   13m
service/kubernetes    ClusterIP   10.96.0.1        <none>        443/TCP          14m

NAME                          READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/anagram-app   2/2     2            2           13m

NAME                                     DESIRED   CURRENT   READY   AGE
replicaset.apps/anagram-app-55996478f5   2         2         2       13m

kubectl logs anagram-app-55996478f5-mdnlg (to show Flask app active):

 * Serving Flask app "app" (lazy loading)
 * Environment: production
   WARNING: Do not use the development server in a production environment.
   Use a production WSGI server instead.
 * Debug mode: on
 * Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)
 * Restarting with stat
 * Debugger is active!
 * Debugger PIN: 212-934-957

I am just looking for a simple way to access the clustered app through my browser on port:5000. If anyone has had any joy with this on AWS EC2s I am open to ideas :)

Thanks in advance..

-- godacre
amazon-ec2
flask
kubernetes

1 Answer

4/28/2019

You should be able to reach your application NodePort through the EC2 public IP. You only need to allow the NodePort port(s) in the node instances' security group. To allow all NodePorts you need to allow port range 30000-32767 from 0.0.0.0/0.

If you want to open only port 5000, then you need to put hostNetwork: true in your deployment spec like this:

spec:
  template:
    spec:
      hostNetwork: true   # pod-level field: in a Deployment it lives under spec.template.spec

You also need to allow port 5000 in the security group.

-- Vasily Angapov
Source: StackOverflow
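
A check for the security group change described in the answer, as an added example that is not part of the original question or answer: it reads the `PORT(S)` value from the service listing (`5000:30230/TCP`) and flags ingress rules that reach that NodePort from sources outside a trusted list, or through a range wider than the port itself, which matters here because the pod log shows the Flask debugger enabled. The security group JSON is a constructed sample in the shape of `aws ec2 describe-security-groups` output; the group ID, the CIDRs and the function names are assumptions.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# The group ID and CIDRs are placeholders, not values from the original page.
SAMPLE_SG = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-EXAMPLE", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 30000, "ToPort": 32767,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
  {"IpProtocol": "tcp", "FromPort": 30230, "ToPort": 30230,
   "IpRanges": [{"CidrIp": "203.0.113.7/32"}]},
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "203.0.113.7/32"}]}
]}]}
""")

def node_port(ports_column):
    """Extract (node port, protocol) from a kubectl PORT(S) value like '5000:30230/TCP'."""
    mapping, _, proto = ports_column.partition("/")
    _, _, node = mapping.partition(":")
    return int(node), proto.lower()

def audit(sg_doc, ports_column, trusted_cidrs):
    """Return findings for ingress rules that expose the NodePort more broadly than needed."""
    port, proto = node_port(ports_column)
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    findings = []
    for group in sg_doc["SecurityGroups"]:
        for rule in group.get("IpPermissions", []):
            if rule["IpProtocol"] not in (proto, "-1"):
                continue
            # Protocol "-1" means all traffic, so it covers every port.
            if rule["IpProtocol"] == "-1":
                lo, hi = 0, 65535
            else:
                lo, hi = rule["FromPort"], rule["ToPort"]
            if not lo <= port <= hi:
                continue
            for rng in rule.get("IpRanges", []):  # IPv4 sources only in this example
                net = ipaddress.ip_network(rng["CidrIp"])
                if not any(net.subnet_of(t) for t in trusted):
                    findings.append((group["GroupId"], rng["CidrIp"], lo, hi, "untrusted source"))
                elif hi > lo:
                    findings.append((group["GroupId"], rng["CidrIp"], lo, hi, "range wider than the NodePort"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_SG, "5000:30230/TCP", ["203.0.113.7/32"]):
        print(finding)
```

Against real data, replace `SAMPLE_SG` with the parsed JSON from `aws ec2 describe-security-groups` for the worker nodes' group and pass your own address as the trusted CIDR.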