TechQA.

Calling an application outside cluster from a pod

310 views Asked by At

There is a web service app running on a Compute Engine and a GKE cluster in the same network.

Is it possible for a pod in the cluster to call the web service app using internal IP address of web service app?

Your answer will be appreciated.

Thanks.

gke-networking
Original Q&A
1

There are 1 answers

1
Dawid Kruk On BEST ANSWER

TL;DR

Yes it's possible.

Assuming that you are talking about the Internal IP address of your VM you will need to create a rule allowing traffic from pod address range to your VM.

Example

Assuming that:

  • There is a Compute Engine instance named: nginx and it's configured to run on port 80.
  • There is a Kubernetes Engine within the same network as your GCE instance.

You will need to check the pod ip address range of your GKE cluster. You can do it by either:

  • Cloud Console (Web UI)
  • $ gcloud container clusters describe CLUSTER-NAME --zone=ZONE | grep -i "clusterIpv4Cidr"

The firewall rule could be created by either:

  • Cloud Console (Web UI)
  • gcloud command like below:
gcloud compute --project=PROJECT-ID firewall-rules create pod-to-vm \
--direction=INGRESS --priority=1000 --network=default \
--action=ALLOW --rules=tcp:80 --source-ranges=clusterIpv4Cidr \
--target-tags=pod-traffic

Disclaimer!

  1. Enter the value from last command (describe cluster) in the place of clusterIpv4Cidr
  2. You will need to add pod-traffic to your VM's network tags!

After that you can spawn a pod and check if you can communicate with your VM:

  • $ kubectl run -it ubuntu --image=ubuntu -- /bin/bash
  • $ apt update && apt install -y curl dnsutils

You can communicate with your VM with GKE pods by either:

  • IP address of your VM:
root@ubuntu:/# curl IP_ADDRESS
REDACTED
<p><em>Thank you for using nginx.</em></p>
REDACTED
  • Name of your VM (nginx):
root@ubuntu:/# curl nginx
REDACTED
<p><em>Thank you for using nginx.</em></p>
REDACTED

You can also check if the name is correctly resolved by running:

root@ubuntu:/# nslookup nginx
Server:     DNS-SERVER-IP
Address:    DNS-SERVER-IP#53

Non-authoritative answer:
Name:   nginx.c.PROJECT_ID.internal
Address: IP_ADDRESS

Additional resources:

Related Questions in GKE-NETWORKING

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions