can't expose kubernetes service aws ec2

Time:09-21

I've automated deployment with Jenkins to Kubernetes using AWS EC2, but I can't access it from outside.

ubuntu@ip-172-31-32-236:~$ kubectl get pods
NAME                        READY   STATUS    RESTARTS   AGE
node-app-55b7788b4b-b5rrb   1/1     Running   2          22h
ubuntu@ip-172-31-32-236:~$ kubectl get deployment
NAME       READY   UP-TO-DATE   AVAILABLE   AGE
node-app   1/1     1            1           22h
ubuntu@ip-172-31-32-236:~$ kubectl get svc
NAME         TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE
kubernetes   ClusterIP      10.96.0.1        <none>        443/TCP          7d17h
lb-service   LoadBalancer   10.109.120.200   <pending>     9005:31694/TCP   18h

I tried ClusterIP, NodePort, and LoadBalancer, but I can't access it from the internet. It doesn't have an external IP.

Name:         node-app-55b7788b4b-b5rrb
Namespace:    default
Priority:     0
Node:         worker01/172.31.2.82
Start Time:   Mon, 19 Sep 2022 08:10:23 +0000
Labels:       app=node-app
              pod-template-hash=55b7788b4b
Annotations:  <none>
Status:       Running
IP:           10.244.1.46
IPs:
  IP:           10.244.1.46
Controlled By:  ReplicaSet/node-app-55b7788b4b
Containers:
  node-app:
    Container ID:   docker://6b21adefe9d81f7ec96a7e50803aa999ea72aeaa09d5535b0757f19ac0a2a03a
    Image:          <harbor_url>/node/node-app:81
    Image ID:       docker-pullable://<harbor_url>/node/node-app@sha256:c1b7fbb01add4e6c89507b6413ce34d618d08629031fdc669fa05d0290d2e4b9
    Port:           9005/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Tue, 20 Sep 2022 06:08:50 +0000
    Last State:     Terminated
      Reason:       Error
      Exit Code:    137
      Started:      Mon, 19 Sep 2022 11:02:52 +0000
      Finished:     Mon, 19 Sep 2022 11:31:27 +0000
    Ready:          True
    Restart Count:  2
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-rjgl9 (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  kube-api-access-rjgl9:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason                  Age                From               Message
  ----     ------                  ----               ----               -------

Here's the service:

ubuntu@ip-172-31-32-236:~$ kubectl describe service lb-service
Name:                     lb-service
Namespace:                default
Labels:                   <none>
Annotations:              <none>
Selector:                 app=node-app
Type:                     LoadBalancer
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       10.109.120.200
IPs:                      10.109.120.200
Port:                     <unset>  9005/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  31694/TCP
Endpoints:                10.244.1.46:80
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

.yaml file

apiVersion: apps/v1
kind: Deployment # Kubernetes resource kind we are creating
metadata:
  name: node-app
spec:
  selector:
    matchLabels:
      app: node-app
  replicas: 1 # Number of replicas that will be created for this deployment
  template:
    metadata:
      labels:
        app: node-app
    spec:
      containers:
        - name: node-app
          image: <harbor_url>/node/node-app:$BUILD_NUMBER # Image that will be used to containers in the cluster
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 9005 # The port that the container is running on in the cluster
      imagePullSecrets:
        - name: harbor-reg


---

apiVersion: v1 # Kubernetes API version
kind: Service # Kubernetes resource kind we are creating
metadata: # Metadata of the resource kind we are creating
  name: node-svc
spec:
  selector:
    app: node-app
  ports:
    - protocol: "TCP"
      port: 9005 # The port that the service is running on in the cluster
      targetPort: 80 # The port exposed by the service
  type: LoadBalancer # type of the service.

I'm using Flannel for network policy.

ubuntu@ip-172-31-32-236:~$ kubectl get pods --all-namespaces
NAMESPACE      NAME                                       READY   STATUS    RESTARTS   AGE
default        node-app-55b7788b4b-b5rrb                  1/1     Running   2          22h
kube-flannel   kube-flannel-ds-j88kj                      1/1     Running   6          7d18h
kube-flannel   kube-flannel-ds-lb2cp                      1/1     Running   10         7d18h
kube-system    coredns-558bd4d5db-58kt2                   1/1     Running   7          7d18h
kube-system    coredns-558bd4d5db-mnsjl                   1/1     Running   8          7d18h
kube-system    etcd-ip-172-31-32-236                      1/1     Running   9          7d18h
kube-system    kube-apiserver-ip-172-31-32-236            1/1     Running   8          7d18h
kube-system    kube-controller-manager-ip-172-31-32-236   1/1     Running   9          7d18h
kube-system    kube-proxy-4vv72                           1/1     Running   6          7d18h
kube-system    kube-proxy-qxtsz                           1/1     Running   9          7d18h
kube-system    kube-scheduler-ip-172-31-32-236            1/1     Running   9          7d18h

Also, I am trying to access it with the public IP on the worker node and master, but I hit a dead end.
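
The output above shows the pod's port as 9005/TCP while lb-service forwards to TargetPort 80/TCP, and its EXTERNAL-IP stays `<pending>`. As an added example (not part of the original post), this Python check flags both conditions in `kubectl get svc,pods -o json` output; the embedded sample is constructed from the values shown above, and the function names are illustrative.

```python
import json

# Constructed sample: trimmed `kubectl get svc,pods -o json` output mirroring the
# values shown in the question (not captured from the asker's cluster).
SAMPLE = json.loads("""
{"items": [
  {"kind": "Service", "metadata": {"name": "lb-service"},
   "spec": {"type": "LoadBalancer", "selector": {"app": "node-app"},
            "ports": [{"port": 9005, "targetPort": 80, "nodePort": 31694}]},
   "status": {"loadBalancer": {}}},
  {"kind": "Pod",
   "metadata": {"name": "node-app-55b7788b4b-b5rrb", "labels": {"app": "node-app"}},
   "spec": {"containers": [{"name": "node-app", "ports": [{"containerPort": 9005}]}]}}
]}
""")


def declared_ports(service, pods):
    """Ports (numbers and names) declared by pods the service selector matches."""
    selector = service["spec"].get("selector") or {}
    ports = set()
    for pod in pods:
        labels = pod["metadata"].get("labels", {})
        if selector and all(labels.get(k) == v for k, v in selector.items()):
            for container in pod["spec"]["containers"]:
                for p in container.get("ports", []):
                    ports.update(v for v in (p["containerPort"], p.get("name")) if v)
    return ports


def audit(doc):
    """Flag targetPort/containerPort mismatches and unprovisioned LoadBalancers."""
    pods = [i for i in doc["items"] if i["kind"] == "Pod"]
    findings = []
    for svc in (i for i in doc["items"] if i["kind"] == "Service"):
        name, spec = svc["metadata"]["name"], svc["spec"]
        ports = declared_ports(svc, pods)
        for port in spec.get("ports", []):
            target = port.get("targetPort", port["port"])
            # containerPort is declarative only, so a mismatch is a lead to verify.
            if ports and target not in ports:
                findings.append(f"{name}: targetPort {target} not among declared "
                                f"containerPorts {sorted(ports, key=str)}")
        ingress = svc.get("status", {}).get("loadBalancer", {}).get("ingress")
        if spec.get("type") == "LoadBalancer" and not ingress:
            findings.append(f"{name}: no load balancer address (EXTERNAL-IP pending)")
    return findings


if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```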

CodePudding user response:

After having Jenkins up and running with the ports exposed, you need to expose the application to the web. In order to do that, you should create an Ingress.

But for more simplicity, you can deploy Jenkins using Helm; see the following link

CodePudding user response:

Not sure how you installed Harbor.

First, you should create a load balancer in AWS with DNS harbor.local; then you could get its external IP address.

Second, deploy Harbor with the loadBalancer settings.

git clone https://github.com/goharbor/harbor-helm
cd harbor-helm
helm install myrelease .  --set expose.type=loadBalancer,expose.tls.auto.commonName=harbor.local,externalURL=https://harbor.local

After the deploy completes, you can add harbor.local to your DNS or update /etc/hosts of the client machine.

<IP address>  harbor.local

Then try logging in to Harbor with

https://harbor.local
