External access for minikube hosted in Azure

2/19/2020

I installed minikube in the Azure cloud on an Ubuntu 18.04 machine, but I do not know how to connect to it through kubectl using the real IP of the virtual machine. I am using minikube with the virtualbox driver (https://192.168.99.100:8443). Please tell me how to set up port forwarding. Thanks.

-- Vitalii Fedorenko
azure
kubernetes
minikube
ubuntu

1 Answer

2/20/2020

I tested it and came up with some solutions.

  1. The easiest way to make minikube accessible from your local machine is SSH port forwarding (but you need to remember to keep the SSH session open all the time, and it's not really what you want because it will be accessible only from your local machine).

    You can run:

    ssh <user>@<azure_vm_ip> -L 8443:192.168.99.100:8443

    to start port forwarding from your local host to the minikube vm.

    You will also need to copy these certificate files from the ~/.minikube/ directory on the Azure VM to your local machine:

    ca.crt
    client.crt
    client.key

    Also copy .kube/config from the Azure VM to your local machine, edit the paths to the certificate files mentioned earlier, and change the server IP address to localhost.

  2. The second way to make it accessible (this time allowing external access) also uses SSH port forwarding:

    In the file /etc/ssh/sshd_config on the Azure VM, change GatewayPorts to yes, save the file and run

    systemctl restart sshd

    Next, SSH to your Azure VM and run:

    ssh -R 0.0.0.0:8443:192.168.99.100:8443 localhost

    Remember the certificate files, and change the server IP in the .kube/config file to the public IP of your Azure VM.

    When trying to connect to minikube from your local machine you may see:

    $ kubectl get pods
    Unable to connect to the server: x509: certificate is valid for 192.168.99.100, 10.96.0.1, 10.0.0.1, not <your_vm_ip>

    So you need to either use the --insecure-skip-tls-verify flag or generate new valid certificates (or start minikube with --apiserver-ips=<public_ip> and it will generate a valid certificate for you).

    NOTE: remember to allow ingress traffic to your Azure VM on port 8443.

    If you don't want to use SSH port forwarding you can use any kind of proxy, e.g. nginx, that will run on the Azure VM and forward requests to the minikube VM.

  3. Probably the best way. Running without a VM:

     sudo minikube start --vm-driver=none --apiserver-ips=<public_ip>

    --apiserver-ips is needed to generate appropriate certificates. --vm-driver=none won't create a vbox vm

    Now all you need is to copy the certificates to your local machine and provide the appropriate server IP in the .kube/config file.

Let me know if it was helpful.

-- HelloWorld
Source: StackOverflow
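
The kubeconfig edit described in the answer, together with a check that the new server address is covered by the API server certificate and that TLS verification has not been switched off. This is an added example, not part of the original answer; the function names, the azureuser paths and 203.0.113.10 are constructed placeholders, and the SAN list is the one from the x509 error quoted in the answer.

```bash
# Added example. Function names, the azureuser paths and 203.0.113.10 are
# constructed; the SAN list is the one from the x509 error quoted in the answer.

# rewrite_kubeconfig SRC DST HOST CERT_DIR: point server and cert paths locally.
rewrite_kubeconfig() {
  sed -E \
    -e "s#^([[:space:]]*server:[[:space:]]*)https://[^:/]+#\1https://$3#" \
    -e "s#^([[:space:]]*certificate-authority:[[:space:]]*).*#\1$4/ca.crt#" \
    -e "s#^([[:space:]]*client-certificate:[[:space:]]*).*#\1$4/client.crt#" \
    -e "s#^([[:space:]]*client-key:[[:space:]]*).*#\1$4/client.key#" \
    "$1" > "$2"
}

# audit_kubeconfig FILE "SAN ...": return 1 if TLS verify is off or host not in SANs.
audit_kubeconfig() {
  local file=$1 sans=$2 host rc=0
  if grep -Eq '^[[:space:]]*insecure-skip-tls-verify:[[:space:]]*true' "$file"; then
    echo "FAIL: insecure-skip-tls-verify is set"; rc=1
  fi
  host=$(sed -nE 's#^[[:space:]]*server:[[:space:]]*https://([^:/]+).*#\1#p' "$file" | head -n1)
  case " $sans " in
    *" $host "*) echo "OK: $host is in the certificate SANs" ;;
    *) echo "FAIL: $host is not in the certificate SANs"; rc=1 ;;
  esac
  return $rc
}

# Constructed, trimmed kubeconfig shaped like the one minikube writes on the VM.
make_sample() {
  cat > "$1" <<'EOF'
apiVersion: v1
clusters:
- cluster:
    certificate-authority: /home/azureuser/.minikube/ca.crt
    server: https://192.168.99.100:8443
  name: minikube
users:
- name: minikube
  user:
    client-certificate: /home/azureuser/.minikube/client.crt
    client-key: /home/azureuser/.minikube/client.key
EOF
}

tmp=$(mktemp -d)
make_sample "$tmp/vm-config"
rewrite_kubeconfig "$tmp/vm-config" "$tmp/config" 203.0.113.10 "$HOME/.minikube"
audit_kubeconfig "$tmp/config" "192.168.99.100 10.96.0.1 10.0.0.1" || true
audit_kubeconfig "$tmp/config" "192.168.99.100 10.96.0.1 10.0.0.1 203.0.113.10"
```

The first audit fails in the same situation as the x509 error in the answer; the second passes once the public IP is among the certificate's SANs, which is what starting minikube with --apiserver-ips=<public_ip> provides.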