问题
I want to sent traffic from one port through kubernetes cluster (using minikube) to another physical port. I don't know how to route traffic from physical port to cluster and from cluster to the second physical port. I'm exposing cluster via ingress (and I tested service solution also), i have one service to send external tarffic to pod and another to sent traffic from first pod to second pod. But I really don't know how to send this traffic from port to cluster and how to sent from cluster to receiving port...
My cluster is described in there: How to route test traffic through kubernetes cluster (minikube)?
回答1:
Assuming that:
- Traffic needs to enter through a physical
enp0s6
port onUbuntu
Server and be sent toPod
Pod
is configured with some software capable of routing traffic.Pod
from the image is routing traffic received to a physicalenp0s5
port on the sameUbuntu
Server machine (or further down the line).
This answer does not acknowledge:
- Software used to route the traffic from
Pod
to a physical portenp0s5
.
A side note!
Please consider entering each link that I included in the answer as there are a lot of useful information.
Minikube is a tool that spawn your single node Kubernetes cluster for development purposes on your machine (PC, Laptop, Server, etc.).
It uses different drivers to run Kubernetes (it can be deployed as bare-metal
, in docker
, in virtualbox
, in kvm
, etc.). This allows for isolation from host (Ubuntu
Server). It also means that there are differences when it comes to the networking part of this setup.
By the setup of minikube
with kvm2
driver you will need to make some additional changes to your setup to be able to route traffic from 192.168.0.150
to your Deployment (set of Pods
).
Let' assume that the Deployment
manifest is following:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 1
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
Also let's assume that the Service
manifest is following:
apiVersion: v1
kind: Service
metadata:
name: nginx-deployment
spec:
type: NodePort
selector:
app: nginx # <-- this needs to match with Deployment matchLabels
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 30000
Service
of type NodePort
from above example will expose your Deployment
on a minikube
instance (IP) on port 30000
.
In this particular example Service
(An abstract way to expose an application running on a set of Pods as a network service) will expose the Pod
within minikube
instance and your host but not for external access (like other machine in the 192.168.0.0/24
network).
Options to allow external traffic are either:
- Run on your host (
Ubuntu
Server):$ kubectl port-forward --address 192.168.0.150 service/nginx-deployment 8000:80
kubectl
will allow connections on your Ubuntu
Server on port 8000
to be forwarded directly to the nginx-deployment
service and inherently to your Pod
.
Side notes!
You can also use
kubectl port-forward
on your PC/Laptop and by that you can direct traffic from the PC/Laptop port to yourPod
.
--address 192.168.0.150
is set to target specificallyenp0s6
.
- Use OS built-in port forwarding.
You can read more about it by following this answer:
- Serverfault: Setup bridge for existing virtual birdge that minikube is running on
Above explanation should help you to direct the traffic to your Pod
directly from enp0s6
. Sending traffic from Pod
to your enp0s5
interface is pretty straightforward. You can run (from your Pod
):
curl 10.0.0.150
(enp0s5
)curl 10.0.0.X
(device inenp0s5
network)
Alternative
As an alternative you can try to provision your own Kubernetes cluster without using minikube
. This will inherently eliminate the isolation layer and allow you for a more direct access. There are a lot of options like for example:
- Kubeadm
- Kubespray
- MicroK8S
I encourage you to check the additional resources as Kubernetes is a complex solution and there is a lot to discover:
- Kubernetes.io: Docs: Home
来源:https://stackoverflow.com/questions/65872990/how-to-route-traffic-from-pysical-servers-port-to-minikube-cluster