2

We are in the process of move all our services over to Docker hosted on Google Container Engine. In the mean time we have have some services in docker and some not.

Within Kubernetes services discovery is easy via DNS, but how do I resolve services from outside my container cluster? ie, How do I connect from a Google Compute Engine instance to a service running in Kubernetes?

Leon
  • 12,013
  • 5
  • 36
  • 59
  • See http://stackoverflow.com/questions/35812076. – Dagang Aug 11 '16 at 16:58
  • Thanks @Dagang, that did not directly solve my problem, but at did lead me down the right path – Leon Aug 12 '16 at 06:12
  • See my answer using internal load balancing + nodePort here: https://stackoverflow.com/questions/35812076/access-http-service-running-in-gke-from-google-dataflow/44844390#44844390 – martin.code Jun 30 '17 at 11:04

1 Answers1

1

The solution I have for now is to use the service clusterIP address.

You can see this IP address by executing kubectl get svc. This ip address is by default not static, but you can assign it when defining you service.

From the documentation:

You can specify your own cluster IP address as part of a Service creation request. To do this, set the spec.clusterIP

The services are accessed outside the cluster via IP address instead of DNS name.

Update

After deploying another cluster the above solution did not work. It turns out that the new IP range could not be reached and that you do need to add a network route.

You can get the cluster IP range by running $ gcloud container clusters describe CLUSTER NAME --zone ZONE

In the output the ip range is shown with the key clusterIpv4Cidr, in my case it was 10.32.0.0/14.

Then create a route for that ip range that points to one of the nodes in your cluster. $ gcloud compute routes create --destination-range 10.32.0.0/14 --next-hop-instance NODE0 INSTANCE NAME

Community
  • 1
  • 1
Leon
  • 12,013
  • 5
  • 36
  • 59
  • I'll just leave this here until somebody comes up with a better idea – Leon Aug 12 '16 at 06:19
  • For Kubernetes services, clusterIP is only accessible within the cluster, externalIP is accessible from outside the cluster. http://kubernetes.io/docs/user-guide/connecting-applications/#exposing-the-service – Dagang Aug 14 '16 at 20:12
  • clusterIP is in the private IP space (RFC 1918), typically 10.x.x.x, how could it be accessible from the outside? but I just realized you were accessible it from an GCE instance outside the cluster, it could work, as they are in the same virtual network. – Dagang Aug 15 '16 at 16:16
  • @Dagang turns out I was just lucky with my first cluster, had to manually create a route for my second cluster – Leon Sep 01 '16 at 09:30