Search code examples
kuberneteskubernetes-servicecalicokubespray

How to explicitely define an Endpoint of an Kubernetes Service


I've provisioned a kubernetes cluster on my own couple of virtual machines via kubespray. Kubespray uses project-calico as default network-plugin which fits my requirements of proxying services in the cluster network to the outer world pretty well.

Kubespray deploys the apiserver itself as a ClusterIP Service. To make it reachable from outside it defines an Endpoint of this service with the master nodes Host IP Adress, which is routed to the internal ClusterIP by Calico as far as I could figure it out by myself.

My Question is: How is it possible to define my own endpoint (for another service), as these get implicietly defined already by provisioning the service.yaml and cannot be overwritten. I would like to follow a similar approach to get my Rook/Ceph Dashboard visible from outside the cluster.

EDIT: Note that kubectl get ingresses.networking.k8s.io --all-namespaces returns No resources found. and kubectl describe service kubernete returns

Name:              kubernetes
Namespace:         default
Labels:            component=apiserver
                   provider=kubernetes
Annotations:       <none>
Selector:          <none>
Type:              ClusterIP
IP:                10.233.0.1
Port:              https  443/TCP
TargetPort:        6443/TCP
Endpoints:         192.168.103.254:6443
Session Affinity:  None
Events:            <none>

Solution

  • I am not exactly sure if what You mean but i think what You are looking for is ability to expose services externally.

    You can expose Your services like Rook/Ceph Dashboard with "Publishing Services" (service types that expose internal services externally).

    As quoted from kubernetes documentation:

    For some parts of your application (for example, frontends) you may want to expose a Service onto an external IP address, that’s outside of your cluster.

    Kubernetes ServiceTypes allow you to specify what kind of Service you want. The default is ClusterIP.

    Type values and their behaviors are:

    • ClusterIP: Exposes the Service on a cluster-internal IP. Choosing this value makes the Service only reachable from within the cluster. This is the default ServiceType.
    • NodePort: Exposes the Service on each Node’s IP at a static port (the NodePort). A ClusterIP Service, to which the NodePort Service routes, is automatically created. You’ll be able to contact the NodePort Service, from outside the cluster, by requesting <NodeIP>:<NodePort>.
    • LoadBalancer: Exposes the Service externally using a cloud provider’s load balancer. NodePort and ClusterIP Services, to which the external load balancer routes, are automatically created.
    • ExternalName: Maps the Service to the contents of the externalName field (e.g. foo.bar.example.com), by returning a CNAME record with its value. No proxying of any kind is set up.

    Here is an example from documentation.


    You can also define the Services with yaml manifests like this:

    apiVersion: v1
    kind: Service
    metadata:
      name: examplelb
    spec:
      type: LoadBalancer
      selector:
        app: asd
      ports:
        -
          name: koala
          port: 22223
          targetPort: 22225
          nodePort: 31913
        -
          name: grisly
          port: 22224
          targetPort: 22226
          nodePort: 31914
        -
          name: polar
          port: 22225
          targetPort: 22227
          nodePort: 31915
    

    This makes pods with label: app: asd have following ports exposed with pattern internal port 22223 exposed on 31913.

    $ kubectl get svc examplelb
    NAME        TYPE           CLUSTER-IP     EXTERNAL-IP   PORT(S)                                           AGE
    examplelb   LoadBalancer   10.111.8.204   <pending>     22223:31913/TCP,22224:31914/TCP,22225:31915/TCP   7d2h
    

    If service with type LoadBalancer has External-IP pending you can still access all those ports on each node as NodePort.

    Hope this helps.