Welcome to the Linux Foundation Forum!

Lab 7.3 review : clarification

  1. Create a new pod called
    webone
    , running the
    nginx
    service. Expose port 80.
  2. Create a new service named
    webone-svc
    . The service should be accessible from outside the cluster.
  3. Update both the pod and the service with selectors so that traffic for to the service IP shows the web server content.

at step 3. I don't understand what it means by web server content.

here what I did (without giving the complete answers...)

1. create a pod named : webone : nginx, port 80

2 - expose webone port 80, loadbalancer

3 - my loadbalancer ip is : 192.168.50.200, so I did curl http://192.168.50.200 and I got the results of nginx index page

I didn't update anything in step 3.. so I think that I didn't do it correctly ?

Comments

    1. Change the type of the service such that it is only accessible from within the cluster. Test that exterior access no longer
      works, but access from within the node works.

    I change the service to : ClusterIP. I think that works.

    1. Deploy pod, webtwo, .. OK done

    2. Install and configure an ingress controller such that requests for webone.com see the nginx default page, and requests
      for webtwo.org see the wlniao/website default page.

    I'm not able to get the http output for this step.

    I created a ingress yaml like this

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: ingress-review
    spec:
      rules:
      - host: webone.com
        http:
          paths:
          - pathType: Prefix
            path: /
            backend:
              service:
                name: webone-svc
                port:
                  number: 80
      - host: webtwo.org
        http:
          paths:
          - pathType: Prefix
            path: /
            backend:
              service:
                name: webtwo-svc
                port:
                  number: 80
    
    

    here my ingress

    kubectl get ingress
    Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
    NAME                    CLASS    HOSTS                           ADDRESS          PORTS   AGE
    ingress-test            <none>   www.example.com,thirdpage.org   192.168.50.202   80      24h
    ingress-wildcard-host   <none>   webone.com,webtwo.org           192.168.50.202   80      10m
    
     curl -H "Host: webone.com" http://196.168.50.202/   (it stall here)
    
  • Hi @SebastienDionne,

    There are multiple ways to create a service to expose an application. The expose method ensures that the service object inherits from the application it exposes all the correct binding parameters, such as the label and selector. There is another method to create service where a generic/independent service is created, not bound to any application. That service may need to be edited for the logical bind to take place.

    For your ingress, do you have all permissions in place?
    Do you have a controller installed (traefik, nginx, ...)?
    Does your ingress object have the expected annotations in place, specific to the controller you are using?
    Does the name of your service match the backend.service.name property of the ingress rule?
    Can you access services over the x.y.z.202 IP address?

    Regards,
    -Chris

  • thanks, so I was OK for the service. It's true that I could have use different methods. I just wanted to be sure that what I did was OK. The problem is that we don't have the answer for the review exercises.

    For my error I deleted all the services, ingress and deleted my metallb pods.. and used ingress : extensions/v1beta1 instead of v1. everything work now. I'll have to try with the example on Kubernetes docs, they are using v1

  • Hi,

    I'm also confused about the wording of the tasks.

    If I follow the tasks exactly as indicated, should I end up with two services (the one created through expose in Task 1 and the one created as part of Task 2 - be it through create, yaml or expose again)?

    For instance:

    1. Create a new pod called webone, running the nginx service. Expose port 80.

    What is the meaning of "expose" here? The pod can already be reached internally through port 80 even if there's no service created (since nginx listens to port 80 by default).

    Clarification is appreciated. Thanks!

  • chrispokorni
    chrispokorni Posts: 2,155

    Hi @gerardocl,

    Exposing an application through a Service object ensures service discovery via the cluster DNS for the exposed application.

    It is true that a Pod can be accessed directly via its IP address, but any app that needs to access the Pod would have to somehow retrieve the IP of the desired Pod. This is not a feature of the cluster, so that would have to be implemented separately, and it may introduce some overhead.

    Regards,
    -Chris

  • It is works after I add the annotation in ingress.yaml:
    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
    name: ingress-review
    annotations:
    # nginx.ingress.kubernetes.io/service-upstream: "true"
    nginx.ingress.kubernetes.io/rewrite-target: /$1
    spec:
    ingressClassName: nginx
    rules:
    - host: webone.com
    http:
    paths:
    - pathType: Prefix
    path: /
    pathType: ImplementationSpecific
    backend:
    service:
    name: webone-svc
    port:
    number: 80
    - host: webtwo.org
    http:
    paths:
    - pathType: Prefix
    path: /
    pathType: ImplementationSpecific
    backend:
    service:
    name: webtwo-svc
    port:
    number: 80

Categories

Upcoming Training