search

GoogleContainerTools / kubehost

Expose web services directly on GKE nodes during development.
Apache License 2.0
115 stars 16 forks source link

Two services exposed on the same IP/port #2

Closed ahmetb closed 5 years ago

ahmetb commented 5 years ago

I have two services:

  1. GKE Guestbook sample: This was deployed previously with type:LoadBalancer, I used kubehost downgrade to downgrade it, and it uses my node IP now.

  2. GKE hello-app sample: Deployed as

    • kubectl run hello-server --image gcr.io/google-samples/hello-app:1.0 --port 8080
    • kubectl expose deploy hello-server.

The problem is, after doing kubehost bind with app (2), it deployed to the same IP as app (1), so I can't actually access app (2) from the listed IP.

Output of downgrading (as expected):

$ kubehost downgrade frontend
NAME       TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)        AGE
frontend   LoadBalancer   10.19.243.219   35.188.13.254   80:30394/TCP   40d
service/frontend patched
NAME       TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
frontend   ClusterIP   10.19.243.219   <none>        80/TCP    40d
Creating hostPort deployment 'frontend-hostport' for service 'frontend' (TCP:80).
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/frontend-hostport created
Waiting for available replicas of deployment 'frontend-hostport'
Creating ingress firewall rule from TCP:80 to instances with tag gke-demo-1b59f56c-node.
Creating firewall...⠧Created [https://www.googleapis.com/compute/v1/projects/ahmetb-samples-playground/global/firewalls/default-frontend-rule].
Creating firewall...done.
NAME                   NETWORK  DIRECTION  PRIORITY  ALLOW   DENY  DISABLED
default-frontend-rule  default  INGRESS    1000      tcp:80        False
Service exposed on 35.184.7.16

Output of bind (unexpectedly bound to the same IP/port?):

$ kubectl run hello-server --image gcr.io/google-samples/hello-app:1.0 --port 8080

$ kubectl expose deploy hello-server

$ kubehost bind hello-server
NAME           TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE
hello-server   ClusterIP   10.19.255.65   <none>        8080/TCP   20s
Creating hostPort deployment 'hello-server-hostport' for service 'hello-server' (TCP:8080).
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/hello-server-hostport created
Waiting for available replicas of deployment 'hello-server-hostport'
Creating ingress firewall rule from TCP:8080 to instances with tag gke-demo-1b59f56c-node.
Creating firewall...⠧Created [https://www.googleapis.com/compute/v1/projects/ahmetb-samples-playground/global/firewalls/default-hello-server-rule].
Creating firewall...done.
NAME                       NETWORK  DIRECTION  PRIORITY  ALLOW     DENY  DISABLED
default-hello-server-rule  default  INGRESS    1000      tcp:8080        False
Service exposed on 35.184.7.16
WilliamDenniss commented 5 years ago

In this case it bound to the same IP, as the port was different (80 and 8080). Similar to #8.

FYI: kubehost uses the Kubernetes scheduler to find a node IP with an available port, if no ports are available then the hostport deployment won't schedule, and kuehost will return an error.