Why can't I access the app in a pod via a NodePort service in k8s?

I am a k8s beginner.

I have a k8s cluster (not minikube) in my test computer. The cluster was created by Kind. (...no idea what Kind is. It was recommended by my colleague).

Then I created:

  • a k8s deployment with a small test http server;
  • a k8s service (type:NodePort) associated with the deployment.

I expected to visit the http server using a web browser on a different computer connected with the k8s computer via ethernet.

However, it's not working. The client computer can visit the http server if it is running without k8s (if I manually start it in command line), but if it is running in a k8s pod, the http server is inaccessible.

The kubectl describe nodes command showed that the k8s computer has an "Internal IP" that is different from the "real" IP of that computer:

$ kubectl describe nodes
Name:               kind-control-plane
Roles:              control-plane
...
Addresses:
  InternalIP:  172.17.0.2
  Hostname:    kind-control-plane
Capacity:
...

$ ip addr
1: ...
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:50:56:a5:14:ab brd ff:ff:ff:ff:ff:ff
    inet 10.7.71.173/20 brd 10.7.79.255 scope global eth0
    ...

In the above output, the 10.7.71.173 is the "real" IP and the 172.17.0.2 is shown as the "Internal IP".

I can access (curl) the http server by the "Internal IP" but it only works on the k8s computer.

I Googled it for quite a while for an explanation of the k8s internal IP, but I only got one semi-comprehensible answer: the k8s internal IP is a NAT IP (I understand what NAT is). But I am still not quite sure what the k8s internal IP is and why it has to use an internal IP.

More importantly, many internet posts say that the NodePort service allows the app in a pod to be accessed from outside the cluster. It is different from what I experienced.

So my question is:

  1. I know that an ingress or a load balancer can expose the app-in-pod to the real external world, but why can't the NodePort service do the same work?
  2. What exactly is the "internal IP"?

Any explanations or links to articles/posts are welcome. Thank you very much.

There is 1 best solution below

Dharani Dhar Golladasari

When a Kubernetes cluster is created, it will establish an internal network within the cluster which enables communication between different types of Kubernetes resources like nodes, pods and services. In a Kubernetes cluster, each node is assigned an IP address called the 'InternalIP' address. This address will be used by Kubernetes components to communicate with each other.

For example, if you create a service, Kubernetes assigns a unique IP address to the service, which is used to access the service from within the cluster. The InternalIP address of the node where the service is running will be used to route the traffic to the service.

You mentioned you are not able to curl the InternalIP of the node, but did you try pinging with the port number which was exposed in the NodePort service?

If not, try with curl http://<Internal IP>:<NodePort>

For more detailed information about InternalIP and the NodePort service, refer to the official documents DOC1, DOC2.
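With Kind, the node in the question is a Docker container on the test computer, so a NodePort opens on the container address 172.17.0.2 and not on the host address 10.7.71.173. The following is an added example, not part of the original answer, of publishing one NodePort on the host through Kind's `extraPortMappings`. The port 30080, the `test-http` name and label, and the container port 8080 are assumptions.

```yaml
# File 1: kind-config.yaml (hypothetical file name)
# Used with: kind create cluster --config kind-config.yaml
# Port mappings are applied when the node container is created,
# so an existing cluster has to be recreated to pick them up.
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
  extraPortMappings:
  - containerPort: 30080          # must equal the Service's nodePort below
    hostPort: 30080               # port opened on the host (10.7.71.173)
    # Bind to the one host interface that should serve clients.
    # The default, 0.0.0.0, publishes the port on every host interface.
    listenAddress: "10.7.71.173"
    protocol: TCP
---
# File 2: service.yaml (hypothetical file name)
# Used with: kubectl apply -f service.yaml
apiVersion: v1
kind: Service
metadata:
  name: test-http                 # assumed name
spec:
  type: NodePort
  selector:
    app: test-http                # assumed pod label set by the Deployment
  ports:
  - port: 80                      # ClusterIP port inside the cluster
    targetPort: 8080              # assumed port the test http server listens on
    nodePort: 30080               # pinned so it matches containerPort above
                                  # (default allowed range is 30000-32767)
```

With both applied, a client on the same Ethernet segment reaches the server at http://10.7.71.173:30080, while http://172.17.0.2:30080 keeps working only from the host itself.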