K
Q

Kubernetes Ingress to External Service?

9/3/2019

Say I have a service that isn't hosted on Kubernetes. I also have an ingress controller and cert-manager set up on my kubernetes cluster.

Because it's so much simpler and easy to use kubernetes ingress to control access to services, I wanted to have a kubernetes ingress that points to a non-kubernetes service.

For example, I have a service that's hosted at https://10.0.40.1:5678 (ssl required, but self signed certificate) and want to access at service.example.com.

-- cclloyd
kubernetes

Similar Questions

kubernetes: pods cannot connect to internet
Kubernetes dashboard nodeport not working
GCP k8 times out not sure how to open the ports
What is the Dockerfile "right approach" for production?
How to redirect traffic from .svc.cluster.local to .svc.k8s.my-domain.com in Kubernetes?
Remove label from node using patch
Kubernetes menu not showing in docker desktop (Mac)
How to pass security context when create kubernetes pod with python?
activeDeadlineSeconds but only for the time the container is running
Kubernetes shows multiple requests instead of one

3 Answers

9/3/2019

You can do it by manual creation of Service and Endpoint objects for your external server.

Objects will looks like that:

apiVersion: v1
kind: Service
metadata:
  name: external-ip
spec:
  ports:
  - name: app
    port: 80
    protocol: TCP
    targetPort: 5678
  clusterIP: None
  type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
  name: external-ip
subsets:
- addresses:
  - ip: 10.0.40.1
  ports:
  - name: app
    port: 5678
    protocol: TCP

Then, you can create an Ingress object which will point to Service external-ip with port 80:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: external-service
spec:
  rules:
  - host: service.example.com
    http:
      paths:
      - backend:
          serviceName: external-ip
          servicePort: 80
        path: /
-- Anton Kostenko
Source: StackOverflow
9/3/2019

If your external service has a dns entry configured on it, you can use kubernetes externalName service.

If your external service has a dns entry configured on it, you can use kubernetes externalName service.

---
apiVersion: v1
kind: Service
metadata:
  name: my-service
  namespace: prod
spec:
  type: ExternalName
  externalName: myexternal.http.service.com
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: externalNameservice
  namespace: prod
spec:
  rules:
  - host: service.example.com
    http:
      paths:
      - backend:
          serviceName: my-service
          servicePort: 80
        path: /

In this way, kubernetes create cname record my-service pointing to myexternal.http.service.com

In this way, kubernetes create cname record my-service pointing to myexternal.http.service.com

-- c4f4t0r
Source: StackOverflow
9/3/2019

There is no way you can specify in the ingress configuration that a certain rule should divert traffic to a service hosted outside the cluster.

Your only choice here is to create a reverse proxy service and inside your cluster and let it act as a middleman between the user and the real service.

Asimple approach -

var httpProxy = require('http-proxy'); 
var proxy = httpProxy.createProxyServer(options); 

http.createServer(function(req, res) {
  proxy.web(req, res, { target: 'http://mytarget.com:8080' });
});
-- Charlie
Source: StackOverflow