windows host + vagrant + kubectl port-forward: stuck inside vagrant

Question

I am using a windows laptop where a vagrant box is installed, where I have a kubectl client that manages some external kubernetes cluster.

For debugging purposes I would like to do a port-forwarding via kubectl and access this port from the host machine. This works perfectly from inside vagrant to the kubernetes cluster, but obviously something doesn't work in conjunction with the vagrant port forwarding from host to vagrant.

Here my setup:

Port-Forwarding in Vagrant:

config.vm.network "forwarded_port", guest: 8080, host: 8080, auto_correct:false
start nginx container in kubernetes:

kubectl run -i -t --image nginx test
forward port to localhost (inside vagrant):

kubectl port-forward test-64585bfbd4-zxpsd 8080:80

test nginx running inside vagrant-box:

vagrant@csbox:~$ curl http://localhost:8080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Works.

Now going a level up - on the windows host:

PS U:\> Invoke-WebRequest http://localhost:8080

Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a receive.
At line:1 char:1
+ Invoke-WebRequest http://localhost:8080
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation:     (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

Works Not.

From my understanding - just looking at the port forwardings everything should be okay. Do you have any ideas why this doesn't work like expected?

All things being equal, you would want `kubectl port-forward test-64585bfbd4-zxpsd 8080:80` to run on **windows**, not try to jump through so many forwarding processes. That said, it's very likely the due to the fact that `kubectl port-forward` is binding to 127.0.0.1 and thus vagrant cannot port-forward to it. If you are determined to use that approach, likely some `iptables` wizardry in the vagrant box would bridge that localhost port to the wider world — mdaniel, Apr 21 '18 at 02:12
make sure your nginx config binds port to 0.0.0.0 not localhost. If you do not want to mess up with all the port forwarding piece, just use a static IP from vagrant — Frederic Henri, Apr 22 '18 at 19:00
Please accept an answer if it helped you. Several commenters have indicated a solution below has resolved their issue, as it has mine. — James G, May 12 '21 at 01:14

score 13 · Answer 1 · answered May 01 '19 at 14:02

13

By default, kubectl port-forward binds to the address 127.0.0.1. That's why you are not able to access it outside vagrant. The solution is to make kubectl port-forward to bind to 0.0.0.0 using the argument --address 0.0.0.0

Running the command:

kubectl port-forward test-64585bfbd4-zxpsd --address 0.0.0.0 8080:80

will solve your issue.

answered May 01 '19 at 14:02

Aswath K

365
3
11

2

This should be the accepted answer.. .worked fine for me. – dghant1024 May 16 '19 at 22:19

score 0 · Answer 2 · answered Sep 27 '18 at 05:53

kubectl port-forward binds to 127.0.0.1 and doesn't allow you to define a bind address. The traffic from your Windows host machine hits the main network interface of your Vagrant VM and therefore, this doesn't work. You can fix the issue by routing traffic from the Vagrant VM's main network interface to the loopback interface using iptables: `

Forward traffic from your vagrant VM's main network interface to 127.0.0.1 (replace $PORT with the port you're forwarding):
$ $ iptables -t nat -I PREROUTING -p tcp --dport $PORT -j DNAT --to-destination 127.0.0.1:$PORT
Look up the name of your Vagrant VM's main network interface:
$ ifconfig enp0s3 Link encap:Ethernet HWaddr 02:38:b8:f5:60:7e inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0 inet6 addr: fe80::38:b8ff:fef5:607e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1106 errors:0 dropped:0 overruns:0 frame:0 TX packets:736 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:423190 (423.1 KB) TX bytes:80704 (80.7 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
As forwarding traffic to the loopback interface is disabled per default, enable forwarding to the loopback interface (replace $MAIN_NETWORK_INTERFACE_NAME with the interface name, in the example above enp0s3):
sysctl -w net.ipv4.conf.$MAIN_NETWORK_INTERFACE_NAME.route_localnet=1

You can define the bind address using the flag `--address` – Aswath K May 01 '19 at 14:03 — Aswath K, May 01 '19 at 14:03

windows host + vagrant + kubectl port-forward: stuck inside vagrant

2 Answers2