Ingress redirect to a localhost tcp service

Question

I have a local website. The website was created by a docker-compose and it is listening on a localhost port 3000.

When I try:

curl 127.0.0.1:3000

I can see the response.

What I did:

From my domain provider I edited the DNS to point to my server, then I changed nginx-ingress:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: virtual-host-ingress
  namespace: ingress-basic
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/use-regex: "true"
    cert-manager.io/cluster-issuer: "letsencrypt-pp"
spec:
  tls:
  - hosts:
    - nextformulainvesting.com
    secretName: ***
  rules:
  - host: "nextformulainvesting.com"
    http:
      paths:
      - pathType: Prefix
        path: "/"
        backend:
          service:
            name: e-frontend-saleor
            port:
              number: 80

and I created the service:

apiVersion: v1
kind: Service
metadata:
  name: e-frontend-saleor
spec:
  ports:
    - protocol: TCP
      port: 80
      targetPort: 3000

But with the service or without the service I receive the error 503 Service Temporarily Unavailable.

How can I use nginx-ingress to point to my local TCP service?

Your website is listening on localhost:3000 and then you point dns to your server (I assume the externally accessible ip address of the server). I see a bit of a disconnect here. Is this website exposed or it only listens only on localhost (aka 127.0.0.1)? — jabbson, Nov 07 '21 at 23:32
I assume it is exposed, because otherwise you wouldn't be getting 503s, which is a valid response from a web server. Do you see anything in the logs of your web server? — jabbson, Nov 07 '21 at 23:34
So the issue is that the service is not pointing at anything at the moment, right? Since the Service is not selecting anything, you would need to create an Endpoint manually. — jabbson, Nov 07 '21 at 23:38
The server expose other services and websites inside the kubernetes cluster to the internet so it's configured well. Now i have a service outside of the cluster because i don't have a kubernetes deployment: i used docker-compose, ancthe website is listening on localhost:3000 — inyourmind, Nov 08 '21 at 06:04
i found the answer here, i think this is a dulicated post [https://stackoverflow.com/questions/57764237/kubernetes-ingress-to-external-service](https://stackoverflow.com/questions/57764237/kubernetes-ingress-to-external-service) — inyourmind, Nov 08 '21 at 10:14

score 1 · Accepted Answer · answered Nov 15 '21 at 18:02

To clarify the issue I am posting a community wiki answer.

The answer that helped to resolve this issue is available at this link. Based on that - the clue of the case is to create manually a Service and an Endpoint objects for external server.

After that one can create an Ingress object that will point to Service external-ip with adequate port .

Here are the examples of objects provided in similar question.

Service and an Endpoint objects:

apiVersion: v1
kind: Service
metadata:
  name: external-ip
spec:
  ports:
  - name: app
    port: 80
    protocol: TCP
    targetPort: 5678
  clusterIP: None
  type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
  name: external-ip
subsets:
- addresses:
  - ip: 10.0.40.1
  ports:
  - name: app
    port: 5678
    protocol: TCP

Ingress object:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: external-service
spec:
  rules:
  - host: service.example.com
    http:
      paths:
      - backend:
          serviceName: external-ip
          servicePort: 80
        path: /

See also this reference.

Harsh Manvar · Answer 2 · 2021-11-08T06:10:42.863

0

Your service that you have created is for forwarding the traffic to deployments

As your service is running out side of Kubernetes cluster you should be using the Endpoint in this case

apiVersion: v1
kind: Endpoints
metadata:
  name: my-service
subsets:
  - addresses:
      - IP: <External IP>
    ports:
      - port: 3000

and you can use this Endpoint to ingress so that it will route the traffic.

Ingress

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: virtual-host-ingress
  namespace: ingress-basic
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/use-regex: "true"
    cert-manager.io/cluster-issuer: "letsencrypt-pp"
spec:
  tls:
  - hosts:
    - nextformulainvesting.com
    secretName: ***
  rules:
  - host: "nextformulainvesting.com"
    http:
      paths:
      - pathType: Prefix
        path: "/"
        backend:
          service:
            name: my-service
            port:
              number: 3000

edited Nov 08 '21 at 06:10

answered Nov 08 '21 at 04:14

Harsh Manvar

27,020
6
48
102

The Endpoints is invalid: subsets[0].addresses[0].ip: Invalid value: "127.0.0.1": may not be in the loopback range (127.0.0.0/8) – inyourmind Nov 08 '21 at 05:55
1

instead of 127.0.0.1 use the host machine IP. https://github.com/kubernetes/minikube/issues/8439#issuecomment-799801736 – Harsh Manvar Nov 08 '21 at 06:11
i have the ip and curl is OK. so i changes ingress, but same 503 Service Temporarily Unavailable. maybe because into the ingress it's defined SERVICE but i have an endpoint? – inyourmind Nov 08 '21 at 07:06
I created even the service, but same result. apiVersion: v1 kind: Service metadata: name: e-dashboard-saleor namespace: default labels: app: e-dashboard-saleor spec: selector: app: e-dashboard-saleor clusterIP: None ports: - name: app-dashboard-seleor port: 9000 # doesn't actually matter --- apiVersion: v1 kind: Endpoints metadata: name: e-dashboard-saleor subsets: - addresses: - ip: 172.22.0.1 ports: - port: 9000 name: app-dashboard-seleor 9000 instead 3000 and the curl is ok – inyourmind Nov 08 '21 at 07:17

Ingress redirect to a localhost tcp service

2 Answers2