Cannot access file inside Kubernetes cluster that has load balancer externally

10/4/2020

I have the cluster setup below in AKS

apiVersion: apps/v1
kind: Deployment
metadata:
  name: hpa-example
spec:
  replicas: 3
  selector:
    matchLabels:
      app: hpa-example
  template:
    metadata:
      labels:
        app: hpa-example
    spec:
      containers:
      - name: hpa-example
        image: gcr.io/google_containers/hpa-example
        ports:
        - name: http-port
          containerPort: 80
        resources:
          requests:
            cpu: 200m
---

apiVersion: v1
kind: Service
metadata:
  name: hpa-example
spec:
  ports:
  - port: 31001
    nodePort: 31001
    targetPort: http-port
    protocol: TCP
  selector:
    app: hpa-example
  type: NodePort
---
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
  name: hpa-example-autoscaler
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: hpa-example
  minReplicas: 1
  maxReplicas: 10
  targetCPUUtilizationPercentage: 50

The idea of this is to check AutoScaling

I need to have this available externally so I added

apiVersion: v1
kind: Service
metadata:
  name: load-balancer-autoscaler
spec:
  selector:
    app: hpa-example
  ports:
    - port: 31001
      targetPort: 31001
  type: LoadBalancer

This now gives me an external IP however, I cannot connect to it in Postman or via a browser

What have I missed?

I have tried to change the ports between 80 and 31001 but that makes no difference

-- Paul
azure-aks
kubernetes

1 Answer

10/5/2020

As posted by user @David Maze:

What's the exact URL you're trying to connect to? What error do you get? (On the load-balancer-autoscaler service, the targetPort needs to match the name or number of a ports: in the pod, or you could just change the hpa-example service to type: LoadBalancer.)

I reproduced your scenario and found out issue in your configuration that could deny your ability to connect to this Deployment.

From the perspective of Deployment and Service of type NodePort everything seems to work okay.

If it comes to the Service of type LoadBalancer on the other hand:

apiVersion: v1
kind: Service
metadata:
  name: load-balancer-autoscaler
spec:
  selector:
    app: hpa-example
  ports:
    - port: 31001
      targetPort: 31001 # <--- CULPRIT
  type: LoadBalancer

This definition will send your traffic directly to the pods on port 31001 and it should send it to the port 80 (this is the port your app is responding on). You can change it either by:

  • targetPort: 80
  • targetPort: http-port

You could also change the Service of the NodePort (hpa-example) to LoadBalancer as pointed by user @David Maze!

After changing this definition you will be able to run:

$ kubectl get service

NAME                       TYPE           CLUSTER-IP    EXTERNAL-IP     PORT(S)           AGE
load-balancer-autoscaler   LoadBalancer   10.4.32.146   AA.BB.CC.DD     31001:31497/TCP   9m41s
  • curl AA.BB.CC.DD:31001 and get the reply of OK!

I encourage you to look on the additional resources regarding Kubernetes services:

-- Dawid Kruk
Source: StackOverflow