0

I am learning Kubernetes, and I did create a LAB on a Bare-Metal, So I'm a Kubernetes noob!

I did create my deployment and it is running and accessible using NodePort, But when I use nginx-ingress, The nginx container is running and it is responding inside its container using curl localhost, but when I try from the outer world, I see this message: curl: (7) Failed to connect to app.example.com port 80: Connection refused

These are my app-service.yml and app-ingress.yml which they are running.

apiVersion: v1
kind: Service
metadata:
  name: my-app-service
spec:
  ports:
  - port: 80
    targetPort: 3010
    protocol: TCP
    name: http
  selector:
    app: my-app

kind: Ingress
metadata:
  name: my-ingress
  labels:
    app: my-app
  annotations:
    # use the shared ingress-nginx
    kubernetes.io/ingress.class: "nginx"
spec:
  rules:
  - host: app.example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: my-app-service
          servicePort: 80

Also my deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app-deployment
  labels:
    app: my-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: my-app
          image: my-app:1.0
          ports:
            - containerPort: 3010

The command: kubectl get all --namespace ingress-nginx is showing:

NAME                                            READY   STATUS      RESTARTS   AGE
pod/ingress-nginx-admission-create-tc8t7        0/1     Completed   0          73m
pod/ingress-nginx-admission-patch-lnbcp         0/1     Completed   2          73m
pod/ingress-nginx-controller-7fd7d8df56-bjmrm   1/1     Running     0          74m

NAME                                         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
service/ingress-nginx-controller             NodePort    10.110.64.201    <none>        80:30532/TCP,443:31993/TCP   74m
service/ingress-nginx-controller-admission   ClusterIP   10.108.186.241   <none>        443/TCP                      74m

NAME                                       READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/ingress-nginx-controller   1/1     1            1           74m

NAME                                                  DESIRED   CURRENT   READY   AGE
replicaset.apps/ingress-nginx-controller-7fd7d8df56   1         1         1       74m

NAME                                       COMPLETIONS   DURATION   AGE
job.batch/ingress-nginx-admission-create   1/1           5s         74m
job.batch/ingress-nginx-admission-patch    1/1           19s        74m

and the command: kubectl get ing is showing:

NAME          CLASS    HOSTS                  ADDRESS         PORTS   AGE
my-ingress   <none>   app.example.com         X.X.X.X         80      11m
Improve this question
9
  • how did you deploy your cluster? looks like you have regular service and those are not accessible outside the cluster Commented Jul 16, 2020 at 6:30
  • @Rico Is not the nginx-ingress job to do that accessible ClusterIP for outer world (and apply LB & etc)? Commented Jul 16, 2020 at 6:33
  • nah.. the clusterIP is only accessible within the cluster Commented Jul 16, 2020 at 6:34
  • you have to use a NodePort service to access it from outside Commented Jul 16, 2020 at 6:34
  • @Rico i don't want use NodePort i need LB! because of that i'm using INGRESS! Commented Jul 16, 2020 at 6:35

2 Answers 2

Reset to default
3

ClusterIP is not accessible from outside kubernetes cluster. ClusterIP provides L4 layer loadbalancing.

From the docs here you few options for nginx ingress on bare metal

  1. Use MetalLB as pure software loadbalancer implementation
  2. Use NodePort service to expose nginx ingress controller. Note you are not using NodePort to expose the regular pod.You are getting benefit of L7 layer load balancing by nginx.
  3. Run nginx with hostNetwork:true

If you choose option 3 which is easiest in my opinion you can access the kubernetes pod via ingress using curl http://<NODEIP> -H "Host: app.example.com"

Improve this answer
Sign up to request clarification or add additional context in comments.

11 Comments

It is exposed, I missed the port-number is 30532! with using option 3, just can have one POD (or it can dynamic port assign i don't know).
nginx ingress controller will listen on port 80 on the bare metal server's network directly.Other pods you run normally and can be on any port
So i need another Nginx on Node to proxy! Why it can't expose to 80? only more than 30000 ?!!?
What you mean another nginx ? There is only one nginx process running as pod but on host network not on pod network. In this case you don't need a service to expose nginx..thats the advantage
So why that Nginx doesn't respond on port 80 from outside? Ingress is on my valid IP (x.x.x.x) on port 80. But it is not works, i can access using 30532 from internet.
|
0

Another way is to add externalIPs: to ingress-nginx-controller. In such scenario you will be able to access your services as follows:

curl -i http://${externalIP}:80 -H "Host: app.example.com"

You can add app.example.com to /etc/hosts and access your services via hostnames.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.