Search code examples
kuberneteskubeadmkubeletflannelcalico

Kubernetes cluster with flannel - port forwarding

Setup on machine:

  • Ubuntu 20.04
  • Kubernetes cluster started with kubeadm and flannel network plugin

On my working machine I installed Jenkins on cluster and want to configure network to be able to access jenkins from port 8081. By default it's possible only to forwarded port (30667 in my case). Is it possible on ubuntu?

NAME                           READY   STATUS    RESTARTS   AGE
pod/jenkins-5b6cb84957-n497l   1/1     Running   4          93m

NAME                 TYPE           CLUSTER-IP    EXTERNAL-IP   PORT(S)          AGE
service/jenkins      LoadBalancer   10.96.81.85   <pending>     8081:30667/TCP   93m
service/kubernetes   ClusterIP      10.96.0.1     <none>        443/TCP          94m

NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/jenkins   1/1     1            1           93m

NAME                                 DESIRED   CURRENT   READY   AGE
replicaset.apps/jenkins-5b6cb84957   1         1         1       93m

NAME                              COMPLETIONS   DURATION   AGE
job.batch/pv-recycler-generator   1/1           5s         42s

Tried also with calico network plugin - same result

But before I worked with Docker desktop on Mac and Windows where it was possible out of box

Solution

  • Service type of Loadbalancer works best when you run it on cloud because cloud provisioners will automate the process of creating external loadbalancer for you and configuring it to work with Kubernetes. In case when working on prem this whole process has to be done by you. You have do it yourself or use 3rd party tools to do that, e.g. Metallb.

    Notice the pending field in the External-ip column. The easiest way would be to set it manually to IP address of your node.

    First you have get your node ip:

    ➜  ~ k get node -owide
NAME         STATUS     ROLES    AGE    VERSION      INTERNAL-IP     EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION    CONTAINER-RUNTIME
instance-1    Ready      master   221d   v1.17.0  👉 10.128.15.230   <none>        Ubuntu 16.04.6 LTS   4.15.0-1090-gcp   docker://18.6.1

    Then add this IP address in the externalIPs field in the service spec:

    ➜  ~ cat loadbalancer.yml 
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  externalIPs: 
  - 10.128.15.230 👈
  selector:
    app: MyApp
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: LoadBalancer

    One you do that you will be able to see that external IP is no longer pending:

    NAME                  TYPE           CLUSTER-IP        EXTERNAL-IP     PORT(S)                      AGE
my-service            LoadBalancer   10.101.150.192 👉 10.128.15.230   80:11438/TCP                 5m1s

    And then you just have use that external IP with the nodePort that kube-proxy opened on that node:

    ➜  ~ curl 10.128.15.230:11438 
{
  "path": "/",
  "headers": {
    "host": "10.128.15.230:11438",
    "user-agent": "curl/7.47.0",
    "accept": "*/*"
  },
  "method": "GET",
  "body": "",
  "fresh": false,
  "hostname": "10.128.15.230",
  "ip": "::ffff:10.128.15.230",
  "ips": [],
  "protocol": "http",
  "query": {},
  "subdomains": [],
  "xhr": false,
  "os": {
    "hostname": "label-demo"
  },
  "connection": {}