K
Q

Accessing K8S API Server running on Openstack behind a floating IP

2/14/2021

I have Kubernetes Master listening on Internal Openstack network address 192.168.6.6:6443. This machine has a floating IP associated for ssh based access (x.x.x.x) from my home. SSH received on the floating IP is sent to the internal IP. But this does not work for 6443 forwarding.

How do I access the K8S API server from my home when I can access the floating IP associated with the K8S master but not the internal IP on which the API server is listening.

I know the method of copying config file to your local machine but config files have the ip address on which master is listening and that ip is not accessible from outside Openstack.

Thanks for any help

-- SNK
kubernetes
kubernetes-apiserver
openstack
proxy
rbac

Similar Questions

Setting up AWS EKS - Don't know username and password for config
how do I enable mount propagation in Rancher - Kubernetes feature gates?
Why am I suddenly getting ImagePullPolicy errors?
Azure AKS - Change location/region?
Kubernetes: Run Pods only on EC2 Nodes that have GPUs

2 Answers

2/21/2021

1. Configure API Server IP

You need to replace the API server ip in the KUBE_CONFIG file with the floating IP.

2. Configure Security Group

Then, you need to add ingress rule which allows TCP 6443 port to the security group of the master node interface. enter image description here

-- James Wang
Source: StackOverflow
2/25/2021

I managed to solve this by reinstantiating the k8s cluster on OpenStack and providing the floating ip as "--apiserver-cert-extra-sans" parameter to kubeadm.

kubeadm init --apiserver-cert-extra-sans=<floating-ip>

-- SNK
Source: StackOverflow