LinuxQuestions.org


stampede 01-05-2021 12:03 PM

Container Networking Best Practice
 
Hi,
I just installed Minikube on a headless VM and have been running through some hello world type exercises.

I hit an issue I'm sure is quite common, and I was curious how most individuals and enterprises handle it.

So on this headless system, I ran https://minikube.sigs.k8s.io/docs/start/ hello-minikube. It is up successfully on
#: minikube service hello-minikube --url
http://192.168.39.55:30918
How can I view this page from an outside network? I could try forwarding to my normal 192.168.0.xxx, or what about bridging my 192.168.0.xxx and 192.168.39.xxx?

Before I try hacking it together, what is the SOP for this instance? Do enterprises have the pods deploy on reserved sections of their primary domain, e.g. 192.168.0.100-200? Or do they just have everything bridged together at the switch level, exposing requested ports?

berndbausch 01-07-2021 08:57 PM

minikube sets up a host-only network, which makes it impossible to access the minikube VM from outside the VirtualBox host without tricks. When searching for minikube external access, I stumbled on a description of how to tweak VirtualBox so that external access becomes possible. Caveat: I have not tried this, and the description is three years old.

Instead of minikube, consider using kind (Kubernetes in Docker). It runs the Kubernetes services in Docker containers rather than a single virtual machine and is targeted to developers. Of course, you would have to set up Docker on your computer before using kind.
There might be other simple deployment tools for testing.

Regarding production installations, I would think that Kubernetes clusters are usually deployed in VMs on public clouds. The big players AWS, Azure and GCP all have convenient out-of-the-box K8s solutions, so that you don't have to worry much about complicated network setups. VMs running in the cloud are normally attached to some internal network but can be accessed from outside using SNAT (source network address translation).

stampede 01-09-2021 06:16 AM

Thanks so much for clarifying that, berndbausch. I'm still early on my Kubernetes journey and trying to tie all the pieces together. I'll try out kind and a few other "distributions" (I guess you'd call them) of Kubernetes and see how they compare. :)

Thanks

I'll take a look at making the service externally visible, just for fun. I'm not using VirtualBox, but maybe a similar idea exists.
I'd imagine IPTables can be used to point the service to another NIC?

Currently it's 192.168.39.55:30918, and I want to reach it via 192.168.0.XXX
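
Added example, not part of any post above: a sketch of the iptables approach the last post asks about, written as a script that only prints the DNAT and FORWARD rules for review and limits access to one source range instead of opening the NodePort to everything. The interface name eth0, LAN port 8080 and the 192.168.0.0/24 range are assumptions; it also assumes the host has net.ipv4.ip_forward=1 and that the minikube VM routes its replies back through the host.

```shell
#!/bin/sh
# Added example: prints iptables rules for review; it does not apply them.
# Addresses come from the thread; eth0, port 8080 and the /24 are assumptions.

valid_ipv4() {  # dotted quad, each octet 0-255
    printf '%s\n' "$1" | awk -F. '
        NF == 4 { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1; exit 0 }
        { exit 1 }'
}

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_cidr() {  # address with optional /0../32 prefix
    case "$1" in */*) bits=${1#*/} ;; *) bits=32 ;; esac
    case "$bits" in ''|*[!0-9]*) return 1 ;; esac
    [ "$bits" -le 32 ] && valid_ipv4 "${1%/*}"
}

# gen_rules LAN_IF LAN_PORT NODE_IP NODE_PORT ALLOWED_SRC
gen_rules() {
    lan_if=$1 lan_port=$2 node_ip=$3 node_port=$4 src=$5
    case "$lan_if" in ''|*[!A-Za-z0-9_.-]*) echo "bad interface" >&2; return 1 ;; esac
    valid_port "$lan_port" && valid_port "$node_port" || { echo "bad port" >&2; return 1; }
    valid_ipv4 "$node_ip" || { echo "bad node IP" >&2; return 1; }
    valid_cidr "$src" || { echo "bad source range" >&2; return 1; }

    # 1. Rewrite the destination of LAN connections that arrive on lan_if.
    echo "iptables -t nat -A PREROUTING -i $lan_if -s $src -p tcp --dport $lan_port -j DNAT --to-destination $node_ip:$node_port"
    # 2. Let the rewritten connections through, from the allowed range only.
    echo "iptables -I FORWARD -i $lan_if -s $src -d $node_ip -p tcp --dport $node_port -j ACCEPT"
    # 3. Let the replies back out to the LAN.
    echo "iptables -I FORWARD -o $lan_if -s $node_ip -p tcp --sport $node_port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Values from the thread: NodePort URL http://192.168.39.55:30918, LAN 192.168.0.xxx.
gen_rules eth0 8080 192.168.39.55 30918 192.168.0.0/24
```

The FORWARD rules are inserted with -I so they sit ahead of any existing reject rules for the VM network; check the order with iptables -S FORWARD before applying anything.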


All times are GMT -5.