Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Kubernetes can't port-forward externalName service

Tags:

amazon-web-services

kubernetes

kubectl

portforwarding

Im create service with type external name:

apiVersion: v1
kind: Service
metadata:
  name: my-service
  namespace: dev
spec:
  externalName: google.com
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  sessionAffinity: None
  type: ExternalName

By off K8s docs add new endpoint:

apiVersion: v1
kind: Endpoints
metadata:
  name: my-service
  namespace: dev
subsets:
- addresses:
  - ip: 172.217.20.206
  ports:
  - port: 80
    protocol: TCP

And trying forward it to my localhost:

kubectl port-forward -n dev svc/my-service 8080:80

and got the error:

error: cannot attach to *v1.Service: invalid service 'my-service': Service is defined without a selector

AFAIU, I did all steps by off docs, where I missed ? Or K8s not provide ability port-forward externalName in general?

like image 828
Alexander Rudenko Avatar asked Jan 25 '23 16:01

Alexander Rudenko

1 Answers

kubectl port-forward only actually forwards a local connection to a single specific pod. While it looks like you can port-forward to other things, these are just means of picking a pod. If you run kubectl port-forward service/foo 12345:80, it actually looks at the pods selected by that Service, remaps the service's port 80 to the corresponding pod port, and forwards to that specific pod.

In your case, this means you can't port-forward to an ExternalName service, because there isn't a pod behind it, and kubectl port-forward only actually forwards to pods.

There are a couple of other implications (or demonstrations) of this. Start a normal Deployment running some service with 3 replicas, with a normal Service in front of it. Port-forward to either the Deployment or the Service, and run a load test; you will see only one pod receive all the traffic. Delete that specific pod, and the port-forward will shut down.

If you want to connect to an ExternalName service, or otherwise do any of the more interesting things services do, you need to make the connection originate from inside the cluster. You could kubectl run a temporary pod as an example:

kubectl run curl-test --rm --image=curlimages/curl --generator=run-pod/v1 -- \
  http://my-service.dev.svc.cluster.local
like image 63
David Maze Avatar answered Feb 12 '23 21:02

David Maze
Sign in to Comment

Related questions

How to apply multiple SSH keys to an AWS Lightsail Instance
Creating aws lambda integrated api gateway resource with boto3
Adding a Postgresql role to a database after the RDS instance was created via Terraform
AWS: How to save Streaming data to database hosted on EC2 ( ex. MySQL/ MongoDB )
Is AWS SQS visibility timeout valid for a single message or all the messages per poll
What is the google smtp service similar to amazon ses, is it gmail smtp?
why supervisor gunicorn shows fatal error command not found?
How to use AWS VPC endpoints in NAT enabled subnets?
Extract security group id from security group name in terraform
How can I reference an existing role in my new CloudFormation template?
How to invoke lambda async with AWS ApiGateway HttpApi
Does SQS trigger lambda in an async / sync manner?
No Amazon Linux 2 in Lightsail?
Mocking Secrets Manager module for JavaScript jest unit tests
Amazon EventBridge: Match an object inside of an array
Container Command Fails in Django on Elastic Beanstalk Python 3.7
AWS Elasticache - Redis Autoscaling
Does lambda persist any data in memory?
AWS System Manager Parameter Store vs Secrets Manager vs Environment Variation in Lambda, when to use which
create custom AWS IAM policy using CDK

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!