I have created a Kubernetes cluster in the cloud- using this tutorial and deployed to the cluster a backend application called chatapp from the Docker private registry. Since there is no option to include service type as LoadBalancer, I had to restore to NodePort type.
Here is the chatapp-deployment.yml file for reference:
apiVersion: v1
kind: Service
metadata:
name: chatapp
spec:
selector:
app: chatapp
ports:
- protocol: "TCP"
port: 6443
targetPort: 3000
type: NodePort
externalIPs:
- A.B.C.D
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: chatapp
labels:
app: chatapp
spec:
replicas: 2
selector:
matchLabels:
app: chatapp
template:
metadata:
labels:
app: chatapp
spec:
imagePullSecrets:
- name: regsecret
containers:
- name: chatapp
image: sebastian/chatapp
imagePullPolicy: Always
command: ["/bin/sh"]
args: ["-c", "while true; do echo hello; sleep 10;done"]
ports:
- containerPort: 3000Note: I removed the external IP for security reasons.
I had to assign external IP manually since I couldn't set-up LoadBalancer as service type. Whenever I try accessing http://A.B.C.D:6443, I get the following:
Client sent an HTTP request to an HTTPS server.I went through this link but couldn't fix my issue with it. The external IP I have used is from the master-o.
While trying to access it with https://A.B.C.D:6443, I get the following 403 message:
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {
},
"status": "Failure",
"message": "forbidden: User \"system:anonymous\" cannot get path \"/\"",
"reason": "Forbidden",
"details": {
},
"code": 403How can I authorize access to my cluster? Any feedbacks and suggestions would be appreciated.
Your request has reached the k8s api-server at 6443 instead of your chatapp. To access your chatapp; first retrieve the nodePort number: kubectl describe service chatapp | grep -i nodeport, then use this # to access your app at http://a.b.c.d:<nodePort>