Hi,
I’m not able to set up a Kong service & route to connect to a Kubernetes service for a simple hello world application using the Kubernetes service DNS name i.e. (the Kong proxy cannot find the hello world application’s service when using the fully qualified name for the service).
I’d appreciate any assisting with my questions - thank you in advance.
1.) Am I using Kong correctly behind an Ingress ?
2.) Is the Kong Ingress Controller mature enough to be used instead in production ?
3.) What must I change in my Kong service/route definition to connect to my Kubernetes service ?
I am running Ubuntu 18.04 in a VirtualBox VM, using Canonical’s microk8s Kubernetes.
DNS and Ingress add-ons are both enabled.
chris@chris-VirtualBox:~$ microk8s.status
microk8s is running
addons:
gpu: disabled
storage: enabled
registry: enabled
ingress: enabled
dns: enabled
metrics-server: disabled
istio: disabled
dashboard: enabled
I’ve deployed :
-
Kong inside the Kubernetes cluser using the manifest deployment steps on the Kong website.
-
A simple hello world Spring boot application (An http request returns a “Greetings from Spring Boot!”). The application can be accessed on the service IP.
chris@chris-VirtualBox:~$ curl --noproxy ‘*’ --url http://10.152.183.227:8087
Greetings from Spring Boot! -
An ingress allowing traffic through to the Kong proxy - my VM IP is 192.168.99.101.
chris@chris-VirtualBox:~$ hostname -I
10.0.2.15 192.168.99.101 172.17.0.1 10.1.1.1 -
I’ve configured a Kong service (name=spring-hello-world, protocol=http, host=10.152.183.277, port=8087) with a route (protocol=http, hosts=proxy.all, paths=/hello-world). The application can be accessed using the route.
chris@chris-VirtualBox:~$ curl --noproxy ‘*’ --url http://192.168.99.101/hello-world --header ‘Host: proxy.all’
Greetings from Spring Boot!
That’s all working fine, however I have a problem when trying to access the hello-world Kubernetes service based on its DNS name since I can’t rely on the IP being static.
-
To use the DNS name instead of IP, I configured another Kong service (name=spring-hello-world-service, protocol=http, host=spring-hello-world-service.default.svc.cluster.local, port=8087) with a route (protocol=http, hosts=proxy.all, paths=/hello-world-service). The application is not reachable.
chris@chris-VirtualBox:~$ curl --noproxy ‘*’ --url http://192.168.99.101/hello-world-service --header ‘Host: proxy.all’
{“timestamp”:“2018-12-16T09:51:50.680+0000”,“status”:404,“error”:“Not Found”,“message”:“No message available”,“path”:“/hello-world-service”} -
nslookup to my Kubernetes hello-world-service works from another pod in the cluster, but not from within the Kong pods :
chris@chris-VirtualBox:~$ kubectl exec -it curl-8564c8f987-mb74f – nslookup spring-hello-world-service.default.svc.cluster.local
Server: 10.152.183.10
Address 1: 10.152.183.10 kube-dns.kube-system.svc.cluster.localName: spring-hello-world-service.default.svc.cluster.local
Address 1: 10.152.183.227 spring-hello-world-service.default.svc.cluster.localchris@chris-VirtualBox:~$ kubectl exec -it kong-rc-5fdcfc9868-m747g – nslookup spring-hello-world-service.default.svc.cluster.local
nslookup: can’t resolve ‘(null)’: Name does not resolvenslookup: can’t resolve ‘spring-hello-world-service.default.svc.cluster.local’: Try again
command terminated with exit code 1
Contents of my Kubernetes cluster are below :
chris@chris-VirtualBox:~$ kubectl get all
NAME READY STATUS RESTARTS AGE
pod/busybox 0/1 Error 0 2d1h
pod/curl-8564c8f987-mb74f 1/1 Running 2 44h
pod/default-http-backend-855bc7bc45-qxckp 1/1 Running 12 2d20h
pod/kong-rc-5fdcfc9868-m747g 1/1 Running 14 3d10h
pod/kong-rc-5fdcfc9868-x5x6n 1/1 Running 14 3d10h
pod/kong-rc-5fdcfc9868-z7rd6 1/1 Running 14 3d10h
pod/nginx-ingress-microk8s-controller-zdjwn 1/1 Running 12 2d20h
pod/postgres-tbg6r 1/1 Running 21 3d19h
pod/spring-hello-world-7968b9c669-d4959 1/1 Running 2 2d
NAME DESIRED CURRENT READY AGE
replicationcontroller/postgres 1 1 1 3d19h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/default-http-backend ClusterIP 10.152.183.82 <none> 80/TCP 2d20h
service/kong-admin LoadBalancer 10.152.183.13 <pending> 8001:31642/TCP 3d10h
service/kong-admin-ssl LoadBalancer 10.152.183.194 <pending> 8444:31533/TCP 3d10h
service/kong-proxy LoadBalancer 10.152.183.146 <pending> 8000:32733/TCP 3d10h
service/kong-proxy-ssl LoadBalancer 10.152.183.72 <pending> 8443:31738/TCP 3d10h
service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 3d21h
service/postgres ClusterIP 10.152.183.168 <none> 5432/TCP 3d19h
service/spring-hello-world-service LoadBalancer 10.152.183.227 <pending> 8087:30158/TCP 2d
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/nginx-ingress-microk8s-controller 1 1 1 1 1 <none> 2d20h
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/curl 1/1 1 1 44h
deployment.apps/default-http-backend 1/1 1 1 2d20h
deployment.apps/kong-rc 3/3 3 3 3d10h
deployment.apps/spring-hello-world 1/1 1 1 2d
NAME DESIRED CURRENT READY AGE
replicaset.apps/curl-8564c8f987 1 1 1 44h
replicaset.apps/default-http-backend-855bc7bc45 1 1 1 2d20h
replicaset.apps/kong-rc-5fdcfc9868 3 3 3 3d10h
replicaset.apps/spring-hello-world-7968b9c669 1 1 1 2d