Windows主机+无业游民+ kubectl端口转发：卡在无业游民

Question

I am using a windows laptop where a vagrant box is installed, where I have a kubectl client that manages some external kubernetes cluster.

For debugging purposes I would like to do a port-forwarding via kubectl and access this port from the host machine. This works perfectly from inside vagrant to the kubernetes cluster, but obviously something doesn't work in conjunction with the vagrant port forwarding from host to vagrant.

Here my setup:

1. Port-Forwarding in Vagrant:

   config.vm.network "forwarded_port", guest: 8080, host: 8080, auto_correct:false

2. start nginx container in kubernetes:

   kubectl run -i -t --image nginx test

3. forward port to localhost (inside vagrant):

   kubectl port-forward test-64585bfbd4-zxpsd 8080:80

4. test nginx running inside vagrant-box:

    vagrant@csbox:~$ curl http://localhost:8080 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> 

Works.

5. Now going a level up - on the windows host:

    PS U:\\> Invoke-WebRequest http://localhost:8080 Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a receive. At line:1 char:1 + Invoke-WebRequest http://localhost:8080 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand 

Works Not.

From my understanding - just looking at the port forwardings everything should be okay. Do you have any ideas why this doesn't work like expected?

Answer 1

By default, kubectl port-forward binds to the address 127.0.0.1 . That's why you are not able to access it outside vagrant. The solution is to make kubectl port-forward to bind to 0.0.0.0 using the argument --address 0.0.0.0

Running the command:

kubectl port-forward test-64585bfbd4-zxpsd --address 0.0.0.0 8080:80

will solve your issue.

Answer 2

kubectl port-forward binds to 127.0.0.1 and doesn't allow you to define a bind address. The traffic from your Windows host machine hits the main network interface of your Vagrant VM and therefore, this doesn't work. You can fix the issue by routing traffic from the Vagrant VM's main network interface to the loopback interface using iptables : `

1. Forward traffic from your vagrant VM's main network interface to 127.0.0.1 (replace $PORT with the port you're forwarding):
   $ $ iptables -t nat -I PREROUTING -p tcp --dport $PORT -j DNAT --to-destination 127.0.0.1:$PORT
2. Look up the name of your Vagrant VM's main network interface:
   $ ifconfig enp0s3 Link encap:Ethernet HWaddr 02:38:b8:f5:60:7e inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0 inet6 addr: fe80::38:b8ff:fef5:607e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1106 errors:0 dropped:0 overruns:0 frame:0 TX packets:736 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:423190 (423.1 KB) TX bytes:80704 (80.7 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
3. As forwarding traffic to the loopback interface is disabled per default, enable forwarding to the loopback interface (replace $MAIN_NETWORK_INTERFACE_NAME with the interface name, in the example above enp0s3 ):
   sysctl -w net.ipv4.conf.$MAIN_NETWORK_INTERFACE_NAME.route_localnet=1