Accessing a k8s service with cluster IP in default namespace from a docker container

1/22/2020

I have a server that is orchestrated using k8s; its service looks like below:

➜  installations ✗ kubectl get svc
NAME                 TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)                               AGE
oxd-server           ClusterIP   10.96.124.25   <none>        8444/TCP,8443/TCP                     3h32m

and its pod:

helm git:(helm-rc1) ✗ kubectl get po
NAME                                   READY   STATUS             RESTARTS   AGE
sam-test-oxd-server-6b8f456cb6-5gwwd   1/1     Running            0          3h2m

Now, I have a docker image with an env variable that requires the URL of this server.

I have 2 questions from here.

  1. How can the docker image get the URL or access the URL?

  2. How can I access the same URL in my terminal so I can make some curl commands through it?

I hope I am clear on the explanation.

-- Shammir
docker
docker-compose
kubernetes
kubernetes-helm

2 Answers

1/22/2020
  • You can use the name of the service oxd-server from any other pod in the same namespace to access it i.e., if the service is backed by pods that are serving HTTPS, you can access the service at https://oxd-server:8443/.

    If the client pod that wants to access this service is in a different namespace, then you can use oxd-server.<namespace> name. In your case that would be oxd-server.default since your service is in default namespace.

  • To access this service from outside the cluster (from your terminal) for local debugging, you can use port forwarding.

    kubectl port-forward svc/oxd-server 8443:8443

    Then you can use the URL localhost:8443 to make any requests and the request would be port forwarded to the service.

  • If you want to access this service from outside the cluster for production use, you can make the service as type: NodePort or type: LoadBalancer. See service types here.
-- Shashank V
Source: StackOverflow
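
The two access paths from the answer above, as an added shell example that is not part of the original answer: `svc_url` builds the in-cluster URL a client pod would get in its env variable, and `debug_request` wraps the port-forward for one request from a terminal. The function names are hypothetical, and the example assumes kubectl and curl are installed and that the server certificate lists the service name.

```shell
#!/bin/sh
# Added example: function names and defaults are illustrative.
SVC=oxd-server   # service name from the question
NS=default       # namespace the service lives in
PORT=8443        # HTTPS port from the question

# URL for a client pod's env variable.
# usage: svc_url <service> <service-namespace> <client-namespace> <port>
svc_url() {
  if [ "$2" = "$3" ]; then
    printf 'https://%s:%s/\n' "$1" "$4"          # same namespace: short name
  else
    printf 'https://%s.%s:%s/\n' "$1" "$2" "$4"  # other namespace: name.namespace
  fi
}

# Local debugging from a terminal: forward, send one request, stop the forward.
debug_request() {
  # --address 127.0.0.1 keeps the forwarded port on loopback only.
  kubectl -n "$NS" port-forward --address 127.0.0.1 "svc/$SVC" "$PORT:$PORT" >/dev/null &
  pf_pid=$!
  rc=0
  # --resolve maps the service name to loopback, so curl still checks the
  # certificate against "$SVC" (assumption: the certificate lists that name)
  # and --insecure is not needed.
  # --retry-connrefused waits until the forward is listening.
  curl --silent --show-error --retry 5 --retry-delay 1 --retry-connrefused \
       --resolve "$SVC:$PORT:127.0.0.1" "https://$SVC:$PORT/" || rc=$?
  kill "$pf_pid" 2>/dev/null
  return "$rc"
}

# Run the debug request only when asked: sh example.sh --run
if [ "${1:-}" = "--run" ]; then
  debug_request
fi
```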

1/22/2020

If your docker container is outside the kubernetes cluster, then it's not possible to access your ClusterIP service.

As you could guess by its name, ClusterIP type services are only accessible from within the cluster.
By within the cluster I mean any resource managed by Kubernetes.
A standalone docker container running inside a VM which is part of your K8S cluster is not a resource managed by K8S.

So, in order to achieve what you want, you'll have those possibilities:

  1. Set a hostPort inside your pod. This is not recommended and is listed as a bad practice in the doc. Keep this usage for very specific cases.
  2. Switch your service to NodePort instead of ClusterIP. This way, you'll be able to access it using a node IP + the node port.
  3. Use a LoadBalancer type of service, but this solution needs some configuration and is not straightforward.
  4. Use an Ingress along with an IngressController but just like the load balancer, this solution needs some configuration and is not that straightforward.

Depending on what you do and if this is critical or not, you'll have to choose one of these solutions.

  • 1 & 2 for debug/dev
  • 3 & 4 for prod, but you'll have to work with your k8s admin
-- Marc ABOUCHACRA
Source: StackOverflow