K
Q

.NetCore app in AKS can't be accessed via public IP

5/20/2020

I can't find any questions like this exactly, usually this type of issue is an incorrect selector or something in the service. I've been banging my head against this for hours and can't find the issue.

Background:

I'm using an Azure Pipeline to build a solution, containerise it and push it to Azure Container Registry. The solution contains a .net core console app that is just the unaltered template (the weatherforecast one). Then I'm using kubectl apply to create a deployment and LoadBalancer service (I'm not using pipelines to publish to AKS rather AKS is pulling from ACR).

The apps run fine. Logs show they start and listen to the correct ports. The service is assigned a public IP. Hitting the IP times out.

I can see the LoadBalancer and all of the PublicIPAddresses in Azure. They all seem to be configured correctly. In the Dashboard I can see the service is mapped to specific pods (so the selector is working).

Meanwhile:

I applied the hello-kubernetes example app. This is basically identical to my set-up and works fine.

I diffed the manifests for both the service and the deployment (comparing mine to hello-kubernetes) they are identical other than guids and names.

I tore down the whole kubernetes cluster and created a new one. Same result.

I deleted the service and recreated it, got a new public ip. Same result.

I've tried both http and https.

This is the manifest:

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: api
  labels:
    app: api
spec:
  replicas: 1
  selector:
    matchLabels:
      app: api
  template:
    metadata:
      labels:
        app: api
    spec:
      containers:
      - name: api
        image: someimage:1.0.52
        ports:
        - containerPort: 5001
        - containerPort: 5000
---
apiVersion: v1
kind: Service
metadata:
  name: api
spec:
  type: LoadBalancer
  ports:
  - port: 80
    targetPort: 5001
  selector:
    app: api
---

Please tell me there is something obviously wrong with this manifest!

[UPDATE] I added a middleware that spits out a console line when a request comes in. It turns out requests are getting through to the app and being dealt with, but the browser/postman still times out.

[Solved]

The issue is that the default .NetCore app has a middleware to redirect http to https, which fails as the port isn't bound.

-- MarcDHall
.net-core
azure-container-registry
azure-kubernetes
azure-pipelines
kubernetes

Similar Questions

"Error: unknown shorthand flag: 'f' in -f5" when running bash script from Python
Trying to start the kubernetes in Docker-Desktop but it's stuck
Build a shared maven repository running on a docker container and being used by Grails based instances
How to access the external IP of a K3s running in a docker container?

1 Answer

5/20/2020

To allow both ports to be open and added to the Azure Load Balancer by Kubernetes, a second port can be added to the Kubernetes Service

apiVersion: v1
kind: Service
metadata:
  name: api
spec:
  type: LoadBalancer
  ports:
  - port: 80
    targetPort: 5001
  - port: 443
    targetPort: 5443
  selector:
    app: api

This will allow both HTTP and HTTPS to be reachable by the external services

-- djsly
Source: StackOverflow