how to make already exposed service not to be exposed?

1/11/2021

I deployed a (LoadBalancer) service for a pod on my minikube cluster, then exposed it via minikube service [my_service] command. Now I tried to "turn off the exposure" but couldn't find any way to do this, except deleting it what I would like to avoid. Is it possible to just turn off the exposure, not deleting (and redeploying) the existing already exposed service?

-- pullback
kubernetes
kubernetes-service

1 Answer

1/11/2021

Background

In Kubernetes documentation regarding ServiceTypes, you can find information that if you want to expose your cluster outside you have to use NodePort or LoadBalancer.

If you want to keep your service/application in cluster, you should use ClusterIP:

Exposes the Service on a cluster-internal IP. Choosing this value makes the Service only reachable from within the cluster. This is the default ServiceType.

Depends on your version, you can edit it or use workaround. For example in K8s 1.16 you won't be able as some errors might occurs.

$ kubectl get svc
NAME         TYPE           CLUSTER-IP    EXTERNAL-IP     PORT(S)        AGE
kubernetes   ClusterIP      10.8.0.1      <none>          443/TCP        3d20h
my-nginx     LoadBalancer   10.8.14.224   34.121.77.108   80:32039/TCP   3m16s
$ kubectl patch service my-nginx -p '{"spec":{"type":"ClusterIP"}}'
The Service "my-nginx" is invalid: spec.ports[0].nodePort: Forbidden: may not be used when `type` is 'ClusterIP'

Solutions

However as you are using Minikube so I guess you are using newer version (1.20), so you can change it using:

1) kubectl edit

kubectl edit svc <yourSvcName> and change type to ClusterIP. It will open Vi editor, where you can change spec.type to ClusterIP or just remove it as default type for Kubernetes service is ClusterIP so if it won't be specified, Kubernetes will automatically use ClusterIP.

$ kubectl get svc
NAME         TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP      10.96.0.1        <none>        443/TCP        25s
my-nginx     LoadBalancer   10.107.129.201   <pending>     80:30173/TCP   8s
minikube-new:~$ kubectl edit svc my-nginx
service/my-nginx edited
sekreta@minikube-new:~$ kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP   46s
my-nginx     ClusterIP   10.107.129.201   <none>        80/TCP    29s

2) kubectl patch

$ kubectl patch service <yourServiceName> -p '{"spec":{"type":"ClusterIP"}}'

$ kubectl get svc
NAME         TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP      10.96.0.1        <none>        443/TCP        10m
my-nginx     LoadBalancer   10.107.129.201   <pending>     80:30456/TCP   2m
minikube-new:~$ kubectl patch service my-nginx -p '{"spec":{"type":"ClusterIP"}}'
service/my-nginx patched
minikube-new:~$ kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP   10m
my-nginx     ClusterIP   10.107.129.201   <none>        80/TCP    3m

3) kubectl apply

You can edit your Yaml and remove spec.type or have 2 Yamls with ClusterIP and LoadBalancer and switch them depends on your needs.

$ kubectl apply -f svc.yaml 
service/my-nginx configured
minikube-new:~$ kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP   22m
my-nginx     ClusterIP   10.111.237.133   <none>        80/TCP    16s

4) Use some 3rd party software to make changes in your cluster like Helm and using templates.

-- PjoterS
Source: StackOverflow