K
Q

how to know external endpoints or the ip of Loadbalancer Service inside a pod

12/26/2019

I have a helm chart that installs/creates an instance of our app. Our app consist of multiple micro-services and one of them is nginx. The nginx service is of type loadbalancer.

So when user first tries to hit the loadbalancer IP from browser, I want to open a web page which will ask him to bind some domains (e.g. a.yourdomain.com and b.yourdomain.com) with the loadbalancer IP and once he does that, he will click on "verify" button and at that time I want to check on the server side if the domains are correctly pointing to the loadbalancer IP or not.

Now the problem is how can I get the loadbalancer external IP inside the nginx pod so that I can ping the domains and check if they are poining to the loadbalancer IP or not.

Edit

Note: I would like to avoid using kubectl because I do not want to install this extra utility for one time job.

-- Yogeshwar
docker
google-cloud-platform
kubernetes

Similar Questions

Setting caBundle in MutatingWebhookConfiguration with Helm chart
CRD probe failing
AWS EKS - cluster no nodes availabe to schedule pods
Node had taints that the pod didn't tolerate error when deploying to Kubernetes cluster
SparkJob did not start on kubernetes
Kubernetes - Ingress on docker driver - minikube 1.16

3 Answers

12/27/2019

I have found a solution, tested and it's working.

To find ExternalIP associated with nginx service of type LoadBalancer you want to create a service account:

kubectl create serviceaccount hello

and also create Role and RoleBindind like folllowing:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: read-services
rules:
- apiGroups: [""]
  resources: ["services"]
  verbs: ["get", "watch", "list"]

---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: read-services
  namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: read-services
subjects:
- kind: ServiceAccount
  name: hello
  namespace: default

Then you create your pod with serviceAccount: hello

and now you can make a curl request to api-server like shown in k8s documentation:

APISERVER=https://kubernetes.default.svc
SERVICEACCOUNT=/var/run/secrets/kubernetes.io/serviceaccount
NAMESPACE=$(cat ${SERVICEACCOUNT}/namespace)
TOKEN=$(cat ${SERVICEACCOUNT}/token)
CACERT=${SERVICEACCOUNT}/ca.crt

curl --cacert ${CACERT} --header "Authorization: Bearer ${TOKEN}" -X GET ${APISERVER}/api/v1/namespaces/$NAMESPACE/services/nginx/

under .status.loadBalancer.ingress[0].ip should be IP you are looking for.

Let me know if it was helpful.

-- HelloWorld
Source: StackOverflow
12/26/2019

I found the solution, the trick is to call the k8s api server with the default token that is seeded by k8s. These two simple commands will do the trick:

KUBE_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)

curl -sSk -H "Authorization: Bearer $KUBE_TOKEN" \ 
https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_PORT_443_TCP_PORT/api/v1/namespaces/<your_namespace>/services/nginx \ 
| jq -r '.status.loadBalancer.ingress[0].ip'
-- Yogeshwar
Source: StackOverflow
12/26/2019

The value of external IP will be in the status of service object.

kubectl get svc $SVC_NAME -n $NS_NAME -o jsonpath="{.status.loadBalancer.ingress[*].ip}” will get the externalIP.

-- Suresh Vishnoi
Source: StackOverflow