Search code examples
kuberneteskubernetes-ingressnginx-ingress

Kubernetes - connection refuse using nginx ingress

I am learning Kubernetes, and I did create a LAB on a Bare-Metal, So I'm a Kubernetes noob!

I did create my deployment and it is running and accessible using NodePort, But when I use nginx-ingress, The nginx container is running and it is responding inside its container using curl localhost, but when I try from the outer world, I see this message: curl: (7) Failed to connect to app.example.com port 80: Connection refused

These are my app-service.yml and app-ingress.yml which they are running.

apiVersion: v1
kind: Service
metadata:
  name: my-app-service
spec:
  ports:
  - port: 80
    targetPort: 3010
    protocol: TCP
    name: http
  selector:
    app: my-app

kind: Ingress
metadata:
  name: my-ingress
  labels:
    app: my-app
  annotations:
    # use the shared ingress-nginx
    kubernetes.io/ingress.class: "nginx"
spec:
  rules:
  - host: app.example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: my-app-service
          servicePort: 80

Also my deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app-deployment
  labels:
    app: my-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: my-app
          image: my-app:1.0
          ports:
            - containerPort: 3010

The command: kubectl get all --namespace ingress-nginx is showing:

NAME                                            READY   STATUS      RESTARTS   AGE
pod/ingress-nginx-admission-create-tc8t7        0/1     Completed   0          73m
pod/ingress-nginx-admission-patch-lnbcp         0/1     Completed   2          73m
pod/ingress-nginx-controller-7fd7d8df56-bjmrm   1/1     Running     0          74m

NAME                                         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
service/ingress-nginx-controller             NodePort    10.110.64.201    <none>        80:30532/TCP,443:31993/TCP   74m
service/ingress-nginx-controller-admission   ClusterIP   10.108.186.241   <none>        443/TCP                      74m

NAME                                       READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/ingress-nginx-controller   1/1     1            1           74m

NAME                                                  DESIRED   CURRENT   READY   AGE
replicaset.apps/ingress-nginx-controller-7fd7d8df56   1         1         1       74m

NAME                                       COMPLETIONS   DURATION   AGE
job.batch/ingress-nginx-admission-create   1/1           5s         74m
job.batch/ingress-nginx-admission-patch    1/1           19s        74m

and the command: kubectl get ing is showing:

NAME          CLASS    HOSTS                  ADDRESS         PORTS   AGE
my-ingress   <none>   app.example.com         X.X.X.X         80      11m
Solution

  • ClusterIP is not accessible from outside kubernetes cluster. ClusterIP provides L4 layer loadbalancing.

    From the docs here you few options for nginx ingress on bare metal

    1. Use MetalLB as pure software loadbalancer implementation
    2. Use NodePort service to expose nginx ingress controller. Note you are not using NodePort to expose the regular pod.You are getting benefit of L7 layer load balancing by nginx.
    3. Run nginx with hostNetwork:true

    If you choose option 3 which is easiest in my opinion you can access the kubernetes pod via ingress using curl http://<NODEIP> -H "Host: app.example.com"