Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Problem accessing kind from local #1875

Closed
dogukanturan opened this issue Sep 29, 2020 · 7 comments
Closed

Problem accessing kind from local #1875

dogukanturan opened this issue Sep 29, 2020 · 7 comments
Assignees
Labels
kind/support Categorizes issue or PR as a support question.

Comments

@dogukanturan
Copy link

I installed an ubuntu server with Vagrant and successfully installed my cluster on this server.

Problem: I cannot access locally when I run any distribution and add nodeport. Also as kubectl cluster-info output

Kubernetes master is running at https://127.0.0.1:42252
KubeDNS is running at https://127.0.0.1:42252/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

When I change the address 127.0.0.1 with the server address(for example 192.168.50.10) here, I cannot access it.

Test Command

kubectl create deployment test --image=nginx --port=80
kubectl expose deployment test --type=NodePort

I think the problem is caused by kind starting as localhost. How can I create a cluster with my server ip address instead of localhost?

@dogukanturan dogukanturan added the kind/support Categorizes issue or PR as a support question. label Sep 29, 2020
@BenTheElder
Copy link
Member

@BenTheElder BenTheElder self-assigned this Sep 29, 2020
@dogukanturan
Copy link
Author

dogukanturan commented Sep 29, 2020

https://kind.sigs.k8s.io/docs/user/configuration/#api-server

Thanks, I can now access the api service from local, but when I start any application, my access problem persists. What do I have to do to use NodePort?

screenshot1
screenshot2

@BenTheElder
Copy link
Member

your kind node has an IP that is reachable from its linux host.

since you have a vagrant layer on top, you will need some passthrough.
you can use https://kind.sigs.k8s.io/docs/user/configuration/#extra-port-mappings to configure port forwards from the host to the node.

if you operated from within the vagrant node you wouldn't need to do this.
you can see an example (aimed at being portable with docker desktop) here https://kind.sigs.k8s.io/docs/user/ingress/

@BenTheElder
Copy link
Member

note: the intended use case is that you run docker on your host, and then kind is accessible on that host.

kind is aimed at local test clusters. we can make these things work, but I recommend avoiding the extra layers.

@dogukanturan
Copy link
Author

your kind node has an IP that is reachable from its linux host.

since you have a vagrant layer on top, you will need some passthrough.
you can use https://kind.sigs.k8s.io/docs/user/configuration/#extra-port-mappings to configure port forwards from the host to the node.

if you operated from within the vagrant node you wouldn't need to do this.
you can see an example (aimed at being portable with docker desktop) here https://kind.sigs.k8s.io/docs/user/ingress/

I will use this in a test environment. I looked at the extra port mapping, but this opens a port. How can I allow a specific range of ports? How can I grant (30000-32767) or all tcp, udp access permissions cross-platform?

@dogukanturan
Copy link
Author

I was able to run my applications with extraPortMappings, but I had to pre-set the ports as I would do different tests. After the following output, I got a few questions. Thank you.

kindconfig.yaml

kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
networking:
  apiServerAddress: "192.168.50.10"
  apiServerPort: 6443
nodes:
- role: control-plane
  extraPortMappings:
  - containerPort: 30080
    hostPort: 30080
    listenAddress: "192.168.50.10"
    protocol: TCP
  - containerPort: 30081
    hostPort: 30081
    listenAddress: "192.168.50.10"
    protocol: TCP    
  - containerPort: 30082
    hostPort: 30082
    listenAddress: "192.168.50.10"
    protocol: TCP    
  - containerPort: 30083
    hostPort: 30083
    listenAddress: "192.168.50.10"
    protocol: TCP    
  - containerPort: 30084
    hostPort: 30084
    listenAddress: "192.168.50.10"
    protocol: TCP    
  - containerPort: 30085
    hostPort: 30085
    listenAddress: "192.168.50.10"
    protocol: TCP    
  - containerPort: 30086
    hostPort: 30086
    listenAddress: "192.168.50.10"
    protocol: TCP    
  - containerPort: 30087
    hostPort: 30087
    listenAddress: "192.168.50.10"
    protocol: TCP    
  - containerPort: 30088
    hostPort: 30088
    listenAddress: "192.168.50.10"
    protocol: TCP    
  - containerPort: 30089
    hostPort: 30089
    listenAddress: "192.168.50.10"
    protocol: TCP    
  - containerPort: 30090
    hostPort: 30090
    listenAddress: "192.168.50.10"
    protocol: TCP

Docker Port Output

vagrant@kind:~$ docker port kind-control-plane

30080/tcp -> 192.168.50.10:30080
30085/tcp -> 192.168.50.10:30085
30088/tcp -> 192.168.50.10:30088
6443/tcp -> 192.168.50.10:6443
30087/tcp -> 192.168.50.10:30087
30089/tcp -> 192.168.50.10:30089
30090/tcp -> 192.168.50.10:30090
30081/tcp -> 192.168.50.10:30081
30082/tcp -> 192.168.50.10:30082
30083/tcp -> 192.168.50.10:30083
30084/tcp -> 192.168.50.10:30084
30086/tcp -> 192.168.50.10:30086
  • Do I really need to manually add ports one by one to access a service running on my server? That way, I can access my application running on the server from my Windows machine, but there is no easier way to do it? For example, can't I allow a specific port range?

  • When the cluster is run with kindconfig.yaml file, I think we have no chance to update these ports. In this case, should I do the following?

Delete cluster
Update kindconfig.yaml file
Create a new cluster with kindconfig.yaml file

@BenTheElder
Copy link
Member

Do I really need to manually add ports one by one to access a service running on my server? That way, I can access my application running on the server from my Windows machine, but there is no easier way to do it? For example, can't I allow a specific port range?

Again, kind is aimed at local clusters, where you would not need to. In order to map them through remotely this is one way to do it. The networking limitations here aren't KIND specific, this is just docker networking.

When the cluster is run with kindconfig.yaml file, I think we have no chance to update these ports. In this case, should I do the following?

Yes. Docker port forwards are not something that can be added to a container while running, we have to recreate it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/support Categorizes issue or PR as a support question.
Projects
None yet
Development

No branches or pull requests

2 participants