How to Connect to Your Damn Kubernetes Pod

Eric Semeniuc

Eric Semeniuc

April 19, 2021

How To Connect To Your Damn Kubernetes Pod

So you have nginx in pod running on port 80, and you just want to curl the damn thing. How do you do it??

Let’s start with a yaml file

apiVersion: apps/v1   
kind: Deployment  
metadata:  
  name: my-nginx  
spec:  
  selector:  
    matchLabels:  
      run: my-nginx  
  replicas: 2  
  template:  
    metadata:  
      labels:  
        run: my-nginx  
    spec:  
      containers:  
        - name: my-nginx  
          image: nginx  
          ports:  
            - containerPort: 80  
---  
apiVersion: v1  
kind: Service  
metadata:  
  name: my-nginx  
  labels:  
    run: my-nginx  
spec:  
  ports:  
    - port: 80  
      protocol: TCP  
  selector:  
    run: my-nginx

nginx.yaml source: https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/

Apply with: kubectl apply -f nginx.yaml --overwrite

If you have any old stuff and want to reset get back to stock: kubectl delete all --all --force

Option 1 - Kubernetes Port Forwarding (Easiest)

This forwards port 80 in your container to port 8888 on the host.

kubectl port-forward deploy/my-nginx 8888:80 or kubectl port-forward service/my-nginx 8888:80

curl localhost:8888

Ref: https://kubectl.docs.kubernetes.io/references/kubectl/port-forward/

Option 2 - Kubernetes Proxy

Run kubectl proxy in the background and use Pod or Service method below.

Note: this works for HTTP(S) services only, and beware the trailing slash!

Via a Service

➜  ~ kubectl get services
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP   3h9m
my-nginx     ClusterIP   10.109.50.51   <none>        80/TCP    3h9m

curl http://localhost:8001/api/v1/namespaces/default/services/my-nginx/proxy/

Ref: https://kubectl.docs.kubernetes.io/references/kubectl/proxy/#connecting-to-an-internal-service

Via a Pod

➜  ~ kubectl get pods
NAME                        READY   STATUS    RESTARTS   AGE
my-nginx-5b56ccd65f-dtgcg   1/1     Running   0          3h10m
my-nginx-5b56ccd65f-rr5nc   1/1     Running   0          3h10m

curl http://localhost:8001/api/v1/namespaces/default/pods/$POD_NAME/proxy/

Ref: https://stackoverflow.com/a/55192825/3408577

Option 3 - Minikube ssh

➜  ~ kubectl get endpoints
NAME         ENDPOINTS                     AGE
kubernetes   192.168.49.2:8443             3h12m
my-nginx     172.17.0.3:80,172.17.0.4:80   3h12m
➜  ~ minikube ssh
Last login: Tue Apr 13 19:22:22 2021 from 192.168.49.1
docker@minikube:~$ curl 172.17.0.3:80
<!DOCTYPE html>
<html>
...

Option 4 - NodePort

We will change our Service to use a NodePort

apiVersion: v1  
kind: Service  
metadata:  
  name: my-nginx  
  labels:  
    run: my-nginx  
spec:  
  ports:  
    - port: 80  
      protocol: TCP  
  selector:  
    run: my-nginx
➜  ~ kubectl get services
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP        3h40m
my-nginx     NodePort    10.109.50.51   <none>        80:30305/TCP   3h40m
➜  ~ kubectl cluster-info
Kubernetes control plane is running at https://192.168.49.2:8443
KubeDNS is running at https://192.168.49.2:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

Use the Kubernetes node IP from the cluster info with the NodePort from the service:

curl 192.168.49.2:30305

Ref: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport

Other notes

General info on accessing your cluster: https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#accessing-services-running-on-the-cluster