How can I expose a service of type NodePort to the internet without using type LoadBalancer? Every resource I have found does it by using a load balancer. But I don't want load balancing; it's expensive and unnecessary for my use case because I am running one instance of the postgres image, which is mounted to a persistent disk, and I would like to be able to connect to my database from my PC using pgAdmin. If it is possible, could you please provide a bit more detailed answer, as I am new to Kubernetes, GCE and networking.
Just for the record, and for a bit more context: I have a deployment running 3 replicas of my API server, to which I am connecting through a load balancer with loadBalancerIP set, and another deployment running one instance of postgres with a NodePort service through which my API servers communicate with my db. My problem is that maintaining the db without public access is hard.
Exposing services as NodePort: Declaring a Service as NodePort exposes it on each Node's IP at a static port (referred to as the NodePort). You can then access the Service from outside the cluster by requesting <NodeIp>:<NodePort>. This can also be used for production, albeit with some limitations.
On the Deployment details page, click list Actions > Expose. In the Expose dialog, under Port mapping, set the following values: Port: 80. Target port: 8080.
Configuring the Service: Log in to the master node. Edit the service definition to specify spec.type: NodePort and optionally specify a port in the 30000-32767 range. Note that the external IP is listed as <none> and the node ports are listed.
If you don't use a private cluster where nodes don't have public IP addresses, you can access your NodePort services using any node's public IP address. What you see in the Endpoints column of the Services & Ingresses section is the internal cluster IP address of your NodePort service.
Using NodePort as the Service type works straight away, e.g. like this:
    apiVersion: v1
    kind: Service
    metadata:
      name: nginx
    spec:
      type: NodePort
      ports:
        - port: 80
          nodePort: 30080
          name: http
        - port: 443
          nodePort: 30443
          name: https
      selector:
        name: nginx
More details can be found in the documentation.
The drawback of using NodePort is that you have to take care of integrating with your provider's firewall by yourself. A starting point for that can also be found in the Configuring Your Cloud Provider's Firewalls section of the official documentation.
For GCE, opening up the above publicly on all nodes could look like:
gcloud compute firewall-rules create myservice --allow tcp:30080,tcp:30443
Once this is in place, your services should be accessible through any of the public IPs of your nodes. You'll find them with:
gcloud compute instances list
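A firewall rule created without `--source-ranges`, as in the command above, applies to 0.0.0.0/0, so the NodePort is reachable by anyone who finds a node IP. The following audit sketch is an added example, not part of the original answer: it scans firewall rules in the JSON shape of `gcloud compute firewall-rules list --format=json` and reports those that open the NodePort range to the whole internet. The sample rules, their names and the function names are constructed for illustration.

```python
import json

NODEPORT_LO, NODEPORT_HI = 30000, 32767   # default Kubernetes NodePort range
OPEN_SOURCES = {"0.0.0.0/0", "::/0"}      # "anyone on the internet"

# Constructed sample, shaped like `gcloud compute firewall-rules list --format=json`.
SAMPLE_RULES = json.loads("""
[
 {"name": "myservice", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["30080", "30443"]}]},
 {"name": "pg-admin-only", "direction": "INGRESS", "sourceRanges": ["203.0.113.7/32"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["30432"]}]},
 {"name": "allow-ssh", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
 {"name": "wide-open", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["1-65535"]}]}
]
""")


def overlaps(port_spec, lo, hi):
    """True if a port spec ("30080" or "30000-30100") intersects [lo, hi]."""
    start, _, end = port_spec.partition("-")
    first, last = int(start), int(end or start)
    return first <= hi and last >= lo


def exposed_nodeports(rules, lo=NODEPORT_LO, hi=NODEPORT_HI):
    """Return (rule name, matching port specs) for world-open TCP NodePort rules."""
    findings = []
    for rule in rules:
        if rule.get("direction", "INGRESS") != "INGRESS" or rule.get("disabled"):
            continue
        if not OPEN_SOURCES & set(rule.get("sourceRanges", [])):
            continue  # restricted to specific source ranges or tags
        for allow in rule.get("allowed", []):
            if allow.get("IPProtocol") not in ("tcp", "all"):
                continue  # this sketch only checks TCP, which Postgres uses
            # A missing "ports" list means every port of the protocol is allowed.
            specs = allow.get("ports") or [f"{lo}-{hi}"]
            hits = [spec for spec in specs if overlaps(spec, lo, hi)]
            if hits:
                findings.append((rule["name"], hits))
    return findings


if __name__ == "__main__":
    for name, ports in exposed_nodeports(SAMPLE_RULES):
        print(f"{name}: NodePort range open to the internet on {ports}")
```

Narrowing a flagged rule with `--source-ranges` (for example, your workstation's address as a /32) keeps a database NodePort off the open internet while still allowing pgAdmin access from that address.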
You can run kubectl in a terminal window (Command Prompt or PowerShell on Windows) to port forward the PostgreSQL deployment to your localhost.
kubectl port-forward deployment/my-pg-deployment 5432:5432
While this command is running (it runs in the foreground), you can point pgAdmin to localhost:5432 to access your pod on GKE. Simply close the terminal once you are done using pgAdmin.