Exposing pod to outside world with MySQL database in Azure Kubernetes Service

Question

Hi I've deployed single MySQL db instance in Azure via the YAML file in Azure Kubernetes service. I can get into the container via CLI when I'm inside my cluster. I would like to connect with db instance via external client like MySQL Workbench or Sqlelectron or others, outside the cluster. As I found out it's possible via correctly exposing DB instance by Service configuration.

My deployment of single instance MySQL DB instance is:

apiVersion: v1
kind: Service
metadata:
    name: mysql-db-testing-service
    namespace: testing
spec:
    type: ClusterIP
    ports:
    - port: 3306
      #targetPort: 3306
    selector:
        app: mysql-db-testing
---
apiVersion: apps/v1
kind: Deployment
metadata:
    name: mysql-db-testing
    namespace: testing
spec:
    selector:
        matchLabels:
            app: mysql-db-testing
    replicas: 1
    strategy:
        type: Recreate
    template:
        metadata:
            labels:
                app: mysql-db-testing
        spec:
            containers: 
            - name: mysql-db-container-testing 
              image: mysql:8.0.31
              env: 
              - name: MYSQL_ROOT_PASSWORD
                value: test12345
              ports:
              - containerPort: 3306
                name: mysql-port
              volumeMounts:
              - mountPath: "/var/lib/mysql"
                name: mysql-persistent-storage
            volumes:
            - name: mysql-persistent-storage
              persistentVolumeClaim:
                claimName: azure-managed-disk-pvc-mysql-testing
            nodeSelector:
                env: preprod 

As I've mentioned I can get to the container via CLI:

Console output regarding the working pod with db looks like:

Console output regarding the service:

Is there something missing in my deployment YAML file or maybe there are missing some fields? How can I expose db to the outside world? I would be grateful for help.

Answer 1

You are using ClusterIP service(line 7). The kubernetes ClusterIP service is not made to allow you to access a pod outside of the cluster. ClusterIP just provide a way to have a not changing IP for other internal services to access your pod. You should use instead Loadbalanacer. Cf https://stackoverflow.com/a/48281728/8398523 for differences

Answer 2

You have used the type: ClusterIP so it won't expose the MYSQL outside the cluster ideally, your Microservices running in the cluster will be able to access it however you can not use it externally.

To expose the service we generally have to use the type: LoadBalancer. It will directly expose your MySQL service internet and from your local workbench, you can connect to DB running on K8s.

If you really don't want to expose the MySQL service directly to internet you can deploy the adminer.

So traffic will flow like

internet > adminer > internal communication > MySQL service > MySQL POD

YAML file to deploy and get the UI output directly in the browser, it will ask of MySQL DB username, password, Host (mysql-db-testing-service.testing.svc.cluster.local) to connect

apiVersion: apps/v1
kind: Deployment
metadata:
  name: adminer
  labels:
    app: adminer
spec:
  selector:
    matchLabels:
      app: adminer
  template:
    metadata:
      labels:
        app: adminer
    spec:
      containers:
        - name: adminer
          image: adminer:4.6.3
          ports:
            - containerPort: 8080
          env:
            - name: ADMINER_DESIGN
              value: "pappu687"
---
apiVersion: v1
kind: Service
metadata:
  name: adminer-svc
spec:
  type: ClusterIP(Internally to cluster)/LoadBalancer (Expose to internet)
  selector:
    app: adminer
  ports:
    - protocol: TCP
      port: 8080
      targetPort: 8080

Port-forward for local access or use service type: LoadBalancer

kubectl port-forward svc/adminer-svc 8080:8080

Open localhost:8080 in browser