
Exposing kubernetes service using elastic ip address on aws

I'm trying to figure out how to run an openvpn server inside a pod using the UDP protocol.

Since it's easier to test using http than openvpn connections, I also have an nginx container running inside the same pod as the openvpn container.

I can get everything working inside the cluster but I cannot expose this nginx service to the Internet using my elastic IP.

Network is Weave.

Kubernetes version is 1.6

I have set the externalIPs field in the service.yaml to my elastic IP address. I cannot use type LoadBalancer since my protocol is UDP.

Service:

# kubectl describe service openvpn
Name:           openvpn
Namespace:      default
Labels:         name=openvpn
Annotations:        kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"name":"openvpn"},"name":"openvpn","namespace":"default"},"spec":{"externalI...
Selector:       name=openvpn
Type:           NodePort
IP:         100.71.93.74
External IPs:       <my_elastic_ip>
Port:           openvpn 1194/UDP
NodePort:       openvpn 30726/UDP
Endpoints:      100.120.0.1:1194
Port:           http    80/TCP
NodePort:       http    30000/TCP
Endpoints:      100.120.0.1:80
Session Affinity:   None
Events:         <none>

Endpoints

# kubectl get endpoints openvpn  
NAME      ENDPOINTS                         AGE
openvpn   100.120.0.1:80,100.120.0.1:1194   20h

I have followed through https://kubernetes.io/docs/tasks/debug-application-cluster/debug-service/ and everything works inside the cluster.

I have allocated the elastic IP to this specific instance manually using the AWS Console. All security groups are updated.

So is it even possible to connect to a pod inside a kubernetes cluster using an elastic IP attached to that host node? If it is, how do I do that?

Rather than use an IP address you could get K8S to use the type: LoadBalancer which will set up a Classic AWS ELB. From there you could CNAME a domain / sub-domain to the ELB and access the service that way?

A quick example:

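apiVersion: v1
kind: Service
metadata:
  # Service names must be lowercase DNS labels, so "MyApp" is written as "myapp"
  name: myapp
  labels:
    app: MyApp
spec:
  # LoadBalancer asks the cloud provider to provision an external load balancer
  type: LoadBalancer
  ports:
  - port: 80
    targetPort: 80
    # Port names must also be lowercase
    name: myapp
  # Must match the labels on the pods that back the service
  selector:
    app: MyApp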

You can try the NodePort type. With the following you can then access the service via <node-ip>:30080

apiVersion: v1
kind: Service
metadata:
  labels:
    app: app
  name: app-service
  namespace: default
spec:
  # type belongs under spec, not at the top level of the manifest
  type: NodePort
  ports:
  - name: ext
    # Port opened on every node; must be within the cluster's NodePort range
    nodePort: 30080
    protocol: UDP
    port: 80
  selector:
    app: app
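
The Service from the question written out as a manifest, as an added example (not part of the original post or its answers), reconstructed from the `kubectl describe` output above. It assumes the node's VPC private address goes in `externalIPs`, shown as the placeholder `<node_private_ip>`: AWS translates an Elastic IP to the instance's private IP before the packet reaches the node, so the node never sees the public address as a destination.

```yaml
apiVersion: v1
kind: Service
metadata:
  name: openvpn
  namespace: default
  labels:
    name: openvpn
spec:
  type: NodePort
  selector:
    name: openvpn
  # Placeholder (assumption): replace with the private IP of the instance
  # that holds the Elastic IP. kube-proxy matches externalIPs against the
  # destination address of the packet as the node receives it, which on
  # AWS is the private address, not <my_elastic_ip>.
  externalIPs:
  - "<node_private_ip>"
  ports:
  # Values below are taken from the describe output in the question.
  - name: openvpn
    protocol: UDP
    port: 1194        # matched together with externalIPs
    targetPort: 1194  # container port from the Endpoints list
    nodePort: 30726   # opened on every node in the cluster
  - name: http
    protocol: TCP
    port: 80
    targetPort: 80
    nodePort: 30000
```

With this in place, `<my_elastic_ip>:1194/UDP` is handled by the externalIPs rule on that node and `<my_elastic_ip>:30726/UDP` by the NodePort. The instance's security group has to allow whichever UDP port is used, and because a NodePort is opened on every node, restricting the source range of that rule keeps the VPN port from being reachable more widely than intended.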
