How to expose a Ingress for external access in Kubernetes?

kubernetes kubernetes-ingress nginx-ingress
user2831852 picture user2831852 · Oct 4, 2018 · Viewed 7k times · Source

I have a kubernetes cluster on a private network(private server, not aws or google cloud) and I created a Service to be able to access, however, I need to be able to access from outside the cluster and for this I created an Ingress and added ingress-nginx in the cluster.

This is the YAML I'm using after making several attempts:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: demo-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
  rules:
  - host: k8s.local
    http:
      paths:
      - path: /
        backend:
          serviceName: nginx
          servicePort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  type: ClusterIP
  selector:
    name: nginx
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
  # selector:
    # app: nginx
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: echoserver
        image: nginx
        ports:
        - containerPort: 80

I ran yaml like this: kubectl create -f file.yaml

In the /etc/hosts file I added k8s.local to the ip of the master server.

When trying the command in or out of the master server a "Connection refused" message appears: $ curl http://172.16.0.18:80/ -H 'Host: k8s.local'

I do not know if it's important, but I'm using Flannel in the cluster.

My idea is just to create a 'hello world' and expose it out of the cluster!

Do I need to change anything in the configuration to allow this access?

YAML file edited:

    apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: demo-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    # nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: k8s.local
    http:
      paths:
      - path: /teste
        backend:
          serviceName: nginx
          servicePort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  type: LoadBalancer # NodePort
  selector:
    app: nginx
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: echoserver
        image: nginx
        ports:
        - containerPort: 80

Answer

Lev Kuznetsov picture Lev Kuznetsov · Oct 5, 2018

You can deploy the ingress controller as a daemonset with host port 80. The service of the controller will not matter then. You can point your domain to every node in your cluster

You can do a NodePort type service but that will force you to use some port in the 30k vicinity, you will not be able to use port 80

Of course the best solution is to use a cloud provider with a load balancer

Related questions

Ingress configuration for k8s in different namespaces

I need to configure Ingress Nginx on azure k8s, and my question is if is possible to have ingress configured in one namespace et. ingress-nginx and some serivces in other namespace eg. resources? My files looks like so: # ingress-nginx.…

Read More
Kubernetes Nginx Ingress not finding service endpoint

I'm having some trouble getting the Nginx ingress controller working in my Kubernetes cluster. I have created the nginx-ingress deployments, services, roles, etc., according to https://kubernetes.github.io/ingress-nginx/deploy/ I also deployed a simple hello-world app which listens …

Read More
Nginx ingress controller websocket support

Recently I've been working on a toy app using Kubernetes. Part of the app is a web server that needs to support WebSockets. Currently, I'm using port-forwarding to access the web server and everything works just fine. I'd like to …

Read More