I am following this doc https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/
but I am expecting to be able to curl some localhost:8080 or something like that.
What the the exact curl command and port that is expect FROM THE HOST. Not on the cluster, not on a node, but FROM THE HOST.
I am running in microk8s.
This is the file I have applied, copied from the docs:
apiVersion: v1
kind: Service
metadata:
name: my-nginx
labels:
run: my-nginx
spec:
type: NodePort
ports:
- port: 8080
targetPort: 80
protocol: TCP
name: http
- port: 443
protocol: TCP
name: https
selector:
run: my-nginx
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx
spec:
selector:
matchLabels:
run: my-nginx
replicas: 1
template:
metadata:
labels:
run: my-nginx
spec:
volumes:
- name: secret-volume
secret:
secretName: nginxsecret
- name: configmap-volume
configMap:
name: nginxconfigmap
containers:
- name: nginxhttps
image: bprashanth/nginxhttps:1.0
ports:
- containerPort: 443
- containerPort: 80
volumeMounts:
- mountPath: /etc/nginx/ssl
name: secret-volume
- mountPath: /etc/nginx/conf.d
name: configmap-volume
This is the output of the k get deployment my-nginx -o yaml
command:
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"my-nginx","namespace":"default"},"spec":{"replicas":1,"selector":{"matchLabels":{"run":"my-nginx"}},"template":{"metadata":{"labels":{"run":"my-nginx"}},"spec":{"containers":[{"image":"bprashanth/nginxhttps:1.0","name":"nginxhttps","ports":[{"containerPort":443},{"containerPort":80}],"volumeMounts":[{"mountPath":"/etc/nginx/ssl","name":"secret-volume"},{"mountPath":"/etc/nginx/conf.d","name":"configmap-volume"}]}],"volumes":[{"name":"secret-volume","secret":{"secretName":"nginxsecret"}},{"configMap":{"name":"nginxconfigmap"},"name":"configmap-volume"}]}}}}
creationTimestamp: "2021-01-31T19:25:30Z"
generation: 1
managedFields:
- apiVersion: apps/v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.: {}
f:kubectl.kubernetes.io/last-applied-configuration: {}
f:spec:
f:progressDeadlineSeconds: {}
f:replicas: {}
f:revisionHistoryLimit: {}
f:selector: {}
f:strategy:
f:rollingUpdate:
.: {}
f:maxSurge: {}
f:maxUnavailable: {}
f:type: {}
f:template:
f:metadata:
f:labels:
.: {}
f:run: {}
f:spec:
f:containers:
k:{"name":"nginxhttps"}:
.: {}
f:image: {}
f:imagePullPolicy: {}
f:name: {}
f:ports:
.: {}
k:{"containerPort":80,"protocol":"TCP"}:
.: {}
f:containerPort: {}
f:protocol: {}
k:{"containerPort":443,"protocol":"TCP"}:
.: {}
f:containerPort: {}
f:protocol: {}
f:resources: {}
f:terminationMessagePath: {}
f:terminationMessagePolicy: {}
f:volumeMounts:
.: {}
k:{"mountPath":"/etc/nginx/conf.d"}:
.: {}
f:mountPath: {}
f:name: {}
k:{"mountPath":"/etc/nginx/ssl"}:
.: {}
f:mountPath: {}
f:name: {}
f:dnsPolicy: {}
f:restartPolicy: {}
f:schedulerName: {}
f:securityContext: {}
f:terminationGracePeriodSeconds: {}
f:volumes:
.: {}
k:{"name":"configmap-volume"}:
.: {}
f:configMap:
.: {}
f:defaultMode: {}
f:name: {}
f:name: {}
k:{"name":"secret-volume"}:
.: {}
f:name: {}
f:secret:
.: {}
f:defaultMode: {}
f:secretName: {}
manager: kubectl-client-side-apply
operation: Update
time: "2021-01-31T19:25:30Z"
- apiVersion: apps/v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
f:deployment.kubernetes.io/revision: {}
f:status:
f:availableReplicas: {}
f:conditions:
.: {}
k:{"type":"Available"}:
.: {}
f:lastTransitionTime: {}
f:lastUpdateTime: {}
f:message: {}
f:reason: {}
f:status: {}
f:type: {}
k:{"type":"Progressing"}:
.: {}
f:lastTransitionTime: {}
f:lastUpdateTime: {}
f:message: {}
f:reason: {}
f:status: {}
f:type: {}
f:observedGeneration: {}
f:readyReplicas: {}
f:replicas: {}
f:updatedReplicas: {}
manager: kube-controller-manager
operation: Update
time: "2021-01-31T19:25:31Z"
name: my-nginx
namespace: default
resourceVersion: "764711"
selfLink: /apis/apps/v1/namespaces/default/deployments/my-nginx
uid: 77061fd6-8a88-4e0d-891b-6dcc5df2c95e
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
run: my-nginx
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
run: my-nginx
spec:
containers:
- image: bprashanth/nginxhttps:1.0
imagePullPolicy: IfNotPresent
name: nginxhttps
ports:
- containerPort: 443
protocol: TCP
- containerPort: 80
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/nginx/ssl
name: secret-volume
- mountPath: /etc/nginx/conf.d
name: configmap-volume
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- name: secret-volume
secret:
defaultMode: 420
secretName: nginxsecret
- configMap:
defaultMode: 420
name: nginxconfigmap
name: configmap-volume
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2021-01-31T19:25:31Z"
lastUpdateTime: "2021-01-31T19:25:31Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2021-01-31T19:25:30Z"
lastUpdateTime: "2021-01-31T19:25:31Z"
message: ReplicaSet "my-nginx-5b6fb7fb46" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
There is also this default.conf as in the docs
cat default.conf
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
listen 443 ssl;
root /usr/share/nginx/html;
index index.html;
server_name localhost;
ssl_certificate /etc/nginx/ssl/tls.crt;
ssl_certificate_key /etc/nginx/ssl/tls.key;
location / {
try_files $uri $uri/ =404;
}
}
try curl -k 127.0.0.1:80
or curl -k localhost:80
. actually the 8080
port is for the service
but when you try localhost
or 127.0.0.1
they don't connect through service
so the port
need to be the container
's port which is 80
.
You can set up a proxy to your pod with:
kubectl port-forward [name of your pod] [port-on-the-host]:[pod-port]
Then you can access it via your host:
$ curl 127.0.0.1:pod-port
in your case: $ curl 127.0.0.1:80
In your case 80
is a targetPort
which is the port on the pod that the request gets sent to
But it is solution without using services.
Read more: kubernetes-port-forward.