I'm running a kind cluster and from one of the pods I need to access the host machine. I know in minikube you can access it using 10.0.0.2 is there some way I can access it, the same way I could use host.docker.internal on Docker Desktop?
Asked
Active
Viewed 3,092 times
4
David Maze
- 130,717
- 29
- 175
- 215
tmp dev
- 8,043
- 16
- 53
- 108
-
Are you not able to access it using hosts IP address? – pcsutar Feb 06 '22 at 05:31
-
I don't obviously see this option in the kind documentation. Can you run whatever resource you need inside the cluster? Or, if you don't need things like a multi-node cluster, use minikube instead? – David Maze Feb 06 '22 at 11:48
-
1did you figure this out ? did using 172.17.0.1 work ? – Pouya Ataei Sep 23 '22 at 08:32
2 Answers
3
Docker uses default subdomain 172.17.0.0/16, and assign the pods IP address 172.17.X.X
Host server can be access using ip address 172.17.0.1
kus
- 446
- 3
- 7
-
This is not necessarily true (the default network CIDR block is configurable and a `docker network create` network will have a different address), and this doesn't work on non-Linux hosts. – David Maze Feb 07 '22 at 12:04
1
Check Is it possible accessing host machine ports from Kind pods? , that most probably solution you are looking for.
- workaround using qoomon/docker-host
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: dockerhost
labels:
k8s-app: dockerhost
spec:
replicas: 1
selector:
matchLabels:
k8s-app: dockerhost
template:
metadata:
labels:
k8s-app: dockerhost
spec:
containers:
- name: dockerhost
image: qoomon/docker-host
securityContext:
capabilities:
add: ["NET_ADMIN", "NET_RAW"]
env:
# Not needed in MacOs:
- name: DOCKER_HOST
value: 172.17.0.1 # <-- docker bridge network default gateway
---
apiVersion: v1
kind: Service
metadata:
name: dockerhost
spec:
clusterIP: None # <-- Headless service
selector:
k8s-app: dockerhost
- check iptables way
kind pod with a container name: test
local container: myapp exposing port 8081
Allow port in the firewall
iptables -I INPUT -p tcp --dport 8081 -j ACCEPTnow from inside container test in kind cluster, you can run:
curl 172.17.0.1:8081
where 172.17.0.1 is your docker bridge default gateway.
Vit
- 7,740
- 15
- 40
-
My default bridge for the kind network is 172.17.0.5, however when I try I actually sshed into the pod in question, and I tried a simple curl and ended up with the following error (curl 172.17.0.5:9200)
Access Denied.
Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.
It does not even try to go out but simply gives an access denied error. – tmp dev Feb 08 '22 at 23:22