Kuberntes Pod not reachable with https o http

Question

I have a java17-osgi-application running inside a docker Container. On a local Windows host with podman the application runs and is reachable. I perform a netstat -tane on the shell and this is the output.

The first netstat -tane is before and the second is after I visit the application via brower.

In Kubernetes (aks on azure) I use a deployment with one pod. The Image is the same but I can not reach the application via browser. The output of netstat -tane is:

The first netstat -tane is bevore and the second is after I access the application via browser.

It seems like in the pod did not bind the IP Adress. Is there a way to solve this without touching the java17-osagi-app?

Answer 1

To expose your java17-osgi-application running on Azure Kubernetes Service, as I mentioned in the comment section, you can create a Service with type Load Balancer. In the Service manifest, you can specify the port number and target port for your application. Here is an example manifest:

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: LoadBalancer
  ports:
  - port: 80
    targetPort: 8080
  selector:
    app: my-app

After you deploy the manifest, you can confirm that the Service is created, and the Load Balancer is configured using the following command:

kubectl get service my-service

When you view the service details, the public IP address created for this service on the load balancer is shown in the EXTERNAL-IP column. It might take a few minutes for the IP address to change from <pending> to an actual public IP address.

Let me take a flask app example that says This is a Hello World application using the below code.

from flask import Flask

app = Flask(__name__)

@app.route("/")
def hello_world():
    return "<p>This is a Hello World application</p>"

if __name__ == "__main__":
    app.run(host='0.0.0.0', debug=True)

Then containerize the app using docker and then build it using docker build -t bravinwasike/flask-kubernetes .

Output:

after that push the Docker image into my Azure container repository using the following commands:

az login
az acr login --name <youracrname>
docker tag <the_name_you_want_to_show_in_ACR> <youracrname>.azurecr.io/<the_image_name_which_you_built>

docker push <youracrname>.azurecr.io/<the_name_you_want_to_show_in_ACR> 

then I deployed the containerized application to the created AKS cluster

Followed by creating a deployment and service (Load Balancer) yaml file that refers to the image that I just pushed in my acr

Deployment and service yaml file combined

apiVersion: apps/v1
kind: Deployment
metadata:
  name: flask-app-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: test-app
  template:
    metadata:
      labels:
        app: test-app
    spec:
      containers:
      - name: test-app
        image: bravinwasike/flask-kubernetes:latest
        resources:
          limits:
            memory: "128Mi"
            cpu: "500m"
        ports:
        - containerPort: 5000
---

apiVersion: v1
kind: Service
metadata:
  name: flask-app-service
spec:
  selector:
    app: flask-app-deployment
  ports:
  - port: 6000
    targetPort: 5000
  type: LoadBalancer

then apply the yaml

 kubectl apply -f <whatever_you_have_named_your_file>.yaml

Done.. Now when I do kubectl get pods my pods are up

and my flask app is up and reachable via the load balancer.

Alternatively, you can use Ingress to expose your application as well. To use Ingress, you need to deploy an Ingress controller in your cluster. Here is an example Ingress manifest:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: your-website-name
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: my-website.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-website
            port:
              name: http

In this example, the Ingress controller listens on port 80 for requests to the host my-website.com. Requests to the root path / are forwarded to the my-website service on port 80. The nginx.ingress.kubernetes.io/rewrite-target annotation rewrites the URL path to remove the / prefix. You can deploy this manifest using kubectl apply -f <filename>.

References:

• Use a public standard load balancer in Azure Kubernetes Service (AKS)
• Quickstart: Create a basic public load balancer using the Azure portal

Answer 2

So the Problem was the Java17 App. The Jetty did not bind to the ip. With Kuberntes everything works fine now.