Remove external IP address from GKE application with kubectl

4/21/2020

After getting Prometheus up for a GKE cluster, I ran the step to add an external IP address for Grafana:

kubectl patch svc "prometheus-1-grafana" --namespace "cluster-1" \
  -p '{"spec": {"type": "LoadBalancer"}}'

but now I no longer want Grafana to be available via an external IP.

I've tried running with -p '{"spec": {"type": "ClusterIP"}}' but I just get the error:

The Service "prometheus-1-prometheus" is invalid: 
spec.ports[0].nodePort: Forbidden: may not be used when
`type` is 'ClusterIP'

How do I do the above kubectl patch svc command to remove the external IP?

Thanks

-- Silfheed
kubernetes
prometheus

1 Answer

4/22/2020

When you change the service to LoadBalancer, a NodePort is attributed to the service.

In order to return to ClusterIP you need to also remove the NodePort.

  • Using kubectl patch we will set the NodePort to NULL, here is the command:
kubectl patch svc "prometheus-1-grafana" --namespace "cluster-1" --type="merge" \
-p '{"spec":{"ports":[{"nodePort":null,"port":<PORT_NUMBER>}],"type":"ClusterIP"}}'

Note: Kubernetes will not allow you to set the nodePort to null alone, because the port field is obligatory. Make sure to check the correct port and change it; I'm using an HTTP server as an example.

  • Optionally, you can create a patch.yaml:
spec:
  ports:
  - port: <PORT_NUMBER>
    protocol: TCP
    targetPort: <TARGET_PORT_NUMBER>
  type: ClusterIP

and apply it:

kubectl patch svc "prometheus-1-grafana" --namespace "cluster-1" \
--type="merge" --patch "$(cat patch.yaml)"  

Reproduction:

$ kubectl get svc
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
echo-svc     ClusterIP   10.0.13.9    <none>        80/TCP    65m

$ kubectl patch svc "echo-svc" -p '{"spec": {"type": "LoadBalancer"}}'                                                                
service/echo-svc patched

$ kubectl get svc
NAME         TYPE           CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE
echo-svc     LoadBalancer   10.0.13.9    <pending>     80:32021/TCP   65m

$ kubectl patch svc "echo-svc" --type="merge" -p '{"spec":{"ports":[{"nodePort":null,"port":80}],"type":"ClusterIP"}}'
service/echo-svc patched

$ kubectl get svc
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
echo-svc     ClusterIP   10.0.13.9    <none>        80/TCP    66m

$ kubectl patch svc "echo-svc" -p '{"spec": {"type": "LoadBalancer"}}'                                                                
service/echo-svc patched

$ kubectl get svc
NAME         TYPE           CLUSTER-IP   EXTERNAL-IP      PORT(S)        AGE
echo-svc     LoadBalancer   10.0.13.9    35.223.145.193   80:30394/TCP   66m

$ cat patch.yaml 
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 8080
  type: ClusterIP

$ kubectl patch svc "echo-svc" --type="merge" --patch "$(cat patch.yaml)"                                                             
service/echo-svc patched

$ kubectl get svc
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
echo-svc     ClusterIP   10.0.13.9    <none>        80/TCP    66m

-- willrof
Source: StackOverflow
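
An added example, not part of the original question or answer: because a `--type="merge"` patch replaces the whole `spec.ports` list, a Service with several ports needs every port re-listed without `nodePort`, as in the answer's patch.yaml variant. This goes beyond the single-port case shown above; the sample Service (port names, the `default` namespace, the second port) and all function names are constructed for illustration.

```python
import json
import shlex

# Constructed sample shaped like `kubectl get svc echo-svc -o json` after the
# LoadBalancer patch in the reproduction. Port names, the namespace and the
# second port are assumptions added to show the multi-port case.
SAMPLE_SERVICE = {
    "metadata": {"name": "echo-svc", "namespace": "default"},
    "spec": {
        "type": "LoadBalancer",
        "clusterIP": "10.0.13.9",
        "ports": [
            {"name": "http", "port": 80, "protocol": "TCP",
             "targetPort": 8080, "nodePort": 30394},
            {"name": "metrics", "port": 9090, "protocol": "TCP",
             "targetPort": 9090, "nodePort": 31000},
        ],
    },
}


def is_externally_reachable(svc):
    """True when the Service type or an allocated nodePort exposes it outside the cluster."""
    spec = svc["spec"]
    return spec.get("type") in ("LoadBalancer", "NodePort") or any(
        p.get("nodePort") for p in spec.get("ports", []))


def clusterip_merge_patch(svc):
    """Build the merge patch: every port kept as-is except nodePort, type set to ClusterIP."""
    ports = [{k: v for k, v in p.items() if k != "nodePort"}
             for p in svc["spec"]["ports"]]
    return {"spec": {"type": "ClusterIP", "ports": ports}}


def kubectl_patch_command(svc):
    """Render the kubectl patch invocation with shell-safe quoting."""
    meta = svc["metadata"]
    patch = json.dumps(clusterip_merge_patch(svc), separators=(",", ":"))
    return " ".join([
        "kubectl", "patch", "svc", shlex.quote(meta["name"]),
        "--namespace", shlex.quote(meta["namespace"]),
        "--type=merge", "-p", shlex.quote(patch)])


if __name__ == "__main__":
    if is_externally_reachable(SAMPLE_SERVICE):
        print(kubectl_patch_command(SAMPLE_SERVICE))
```

To use it on a live cluster, load the output of `kubectl get svc <name> -o json` with `json.load` in place of `SAMPLE_SERVICE`, then confirm with `kubectl get svc` that EXTERNAL-IP shows `<none>`.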