I am not able expose a service in kubernetes cluster to the internet

0
votes

I have created a simple hello world service in my kubernetes cluster. I am not using any cloud provider and have created it in a simple Ubuntu 16.04 server from scratch. I am able to access the service inside the cluster but now when I want to expose it to the internet, it does not work.

Here is the yml file - deployment.yml

enter image description here

And this is the result of the command - kubectl get all:

enter image description here

Now when I am trying to access the external IP with the port in my browser, i.e., 172.31.8.110:8080, it does not work.

NOTE: I also tried the NodePort Service Type, but then it does not provide any external IP to me. The state remains pending under the "External IP" tab when I do "kubectl get services".

How to resolve this??

1
kubernetesgoogle-kubernetes-enginekubectlkubernetes-podazure-aks
If you try NodePort Service Type, test should be [node_ip]:[nodeport] where node_ip is obtained from kubectl get nodes -o wide and nodeport=30001. And also allow firewall: gcloud compute firewall-rules create test-node-port --allow tcp:30001dany L
You can also see an example heredany L
Do you use the AKS or just configure the Kubernetes cluster yourself in the Azure VM?Charles Xu
As first, please check SO FAQ How to ask. You should avoid posting pics, you always should use codeSample and posting configs/errors as text. Another thing, you have 2 cloud providers tag: Azure Cloud (AKS) and Google Cloud Platform (GKE). Which one you are using? Exposing service depends on your env and your config. Please provide more focused details about your env and config, what you are using and how you want to expose id (MetalLB, Ingress, LoadBalancer, NodePort, etc).PjoterS
I have used the NodePort Service Type as well and the result of kubectl get all also displays everything correclty but when I try to access the service in my browser by <Public IP of node>:30001, it does not connect. I also tried with the <master node public IP>:30001 but still it does not work.Mudit

1 Answers

1
votes

I believe you might have a mix of networking problems tied together. First of all, 172.31.8.110 belongs to a private network, and it is not routable via Internet. So make sure that the location you are trying to browse from can reach the destination (i.e. same private network).

As a quick test you can make an ssh connection to your master node and then check if you can open the page: curl 172.31.8.110:8080

In order to expose it to Internet, you need a to use a public IP for your master node, not internal one. Then update your Service externalIPs accordingly.

Also make sure that your firewall allows network connections from public Internet to 8080 on master node.

In any case I suggest that you use this configuration for testing purposes only, as it is generally bad idea to use master node for service exposure, because this applies extra networking load on the master and widens security surface. Use something like an Ingress controller (like Nginx or other) + Ingress resource instead.