Kubernetes / External access from pod in GKE

I am new to Kubernetes, and I created pods with the following yml file:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp-act
  namespace: default
  labels:
    app: myapp
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
        - name: myapp
          image: myapp:latest
          envFrom:
          - configMapRef:
              name: map-myapp

The issue is that myapp is trying to query other apps which are located in my google project (as GCE machines) but are not part of the GKE cluster - without success.

I.e., the issue is that I can't connect to the internal IP outside the cluster. I also tried to create a service, but it didn't fix the issue. All the information I found is about how to expose my cluster to the world, but this is the opposite way.

What am I missing?

2 answers

  • answered 2019-02-10 12:52 Lachezar Balev

    the issue is that I can't connect to the internal IP outside the cluster.

    What you are missing is called Ingress, I believe.

    Ingress, added in Kubernetes v1.1, exposes HTTP and HTTPS routes from outside the cluster to services within the cluster.

    You can find more details and complete docs here.

    Update: As you pointed out Ingress is a beta feature, but you can successfully use it if you are OK with the limitations. Most likely you are, just go through the list. "Deployed on the master" means in my understanding that the ingress controller works on the k8s master node, a fact that should not normally bother you. What should you define next?

    1. First you need to define a service which targets the pods in your deployment. It seems that you haven't done that yet, have you?

    2. Then, on the next step, you need to create the Ingress, as shown in the docs, e.g.:

    apiVersion: extensions/v1beta1
    kind: Ingress
    metadata:
      name: test-ingress
      annotations:
        nginx.ingress.kubernetes.io/rewrite-target: /
    spec:
      rules:
      - http:
          paths:
          - path: /testpath
            backend:
              serviceName: your-service-name
              servicePort: 80
    

    Here your-service-name is the name of the service that you have already defined in point 1).

    After you have done all this the backend service will be available outside of the cluster on a similar URL: https://.service..com

  • answered 2019-02-11 11:30 Nepomucen

    In this case you should create an external service type with associated endpoint, like this:

    kind: Endpoints
    apiVersion: v1
    metadata:
     name: mongo
    subsets:
     - addresses:
         - ip: 10.240.0.4
       ports:
         - port: 27017
    ---
    kind: Service
    apiVersion: v1
    metadata:
     name: mongo
    spec:
     type: ClusterIP
     ports:
     - port: 27017
       targetPort: 27017
    

    Please refer to this GCP blog post, which describes in detail the Kubernetes best practices for mapping external services living outside your cluster.
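
The Service/Endpoints pairing in the second answer routes only when the Service has no selector and shares its name and namespace with the Endpoints object. As an added example (not code from either answer), this Python check validates such a pair before it is applied; the helper `check_external_mapping`, the JSON form of the manifests and the subnet `10.240.0.0/16` are assumptions made for the illustration.

```python
import ipaddress
import json

# Constructed input: the second answer's two manifests in JSON form.
ENDPOINTS = json.loads("""{"kind": "Endpoints", "apiVersion": "v1",
 "metadata": {"name": "mongo"},
 "subsets": [{"addresses": [{"ip": "10.240.0.4"}], "ports": [{"port": 27017}]}]}""")
SERVICE = json.loads("""{"kind": "Service", "apiVersion": "v1",
 "metadata": {"name": "mongo"},
 "spec": {"type": "ClusterIP", "ports": [{"port": 27017, "targetPort": 27017}]}}""")

def ident(obj):
    """Namespace and name; the namespace defaults to "default" when omitted."""
    meta = obj.get("metadata", {})
    return meta.get("namespace", "default"), meta.get("name")

def check_external_mapping(service, endpoints, allowed_cidr="10.240.0.0/16"):
    """Hypothetical helper: list reasons the pair would not route as intended.
    allowed_cidr is an assumed VPC subnet, not a value from the page."""
    problems = []
    for key in service:  # field names are case-sensitive ("Spec" != "spec")
        if key not in ("kind", "apiVersion", "metadata", "spec"):
            problems.append(f"unknown Service field: {key}")
    spec = service.get("spec", {})
    if spec.get("selector"):  # with a selector, Kubernetes manages Endpoints itself
        problems.append("Service has a selector")
    if ident(service) != ident(endpoints):  # the pair is linked by namespace/name only
        problems.append("Service and Endpoints names differ")
    targets = {p.get("targetPort", p["port"]) for p in spec.get("ports", [])}
    net = ipaddress.ip_network(allowed_cidr)
    for subset in endpoints.get("subsets", []):
        if targets != {p["port"] for p in subset.get("ports", [])}:
            problems.append("Service targetPort and Endpoints port differ")
        for addr in subset.get("addresses", []):
            ip = ipaddress.ip_address(addr["ip"])
            if ip.is_loopback or ip.is_link_local:  # not valid as endpoint IPs
                problems.append(f"invalid endpoint address: {ip}")
            elif ip not in net:  # keeps the service name from pointing elsewhere
                problems.append(f"endpoint outside {allowed_cidr}: {ip}")
    return problems

if __name__ == "__main__":
    print(check_external_mapping(SERVICE, ENDPOINTS) or "mapping is consistent")
```

Because anyone who can write Endpoints objects can repoint a service name, the subnet check is worth running in review or CI alongside the structural checks.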