2 minute read
You deployed an application with a web UI or an internal endpoint in your Kubernetes (K8s) cluster. How can I access this endpoint without an external load balancer (e.g. Ingress)? This tutorial presents two options:
- Using Kubernetes port forward
- Using Kubernetes apiserver proxy
Please note that the options described here are mostly for quick testing or troubleshooting your application. For enabling access to your application for productive environment, please refer to Service and Ingress.
Solution 1: Using Kubernetes port forward
You could use the port forwarding functionality of
kubectl to access the pods from your local host without involving a service.
To access any pod follow these steps:
kubectl get pods
- Note down the name of the pod in question as
kubectl port-forward <your-pod-name> <local-port>:<your-app-port>
- Run a web browser or curl locally and enter the URL
kubectl port-forward allows to use a resource name. such as a deployment or service name, to select a matching pod to port forward.
Find more details in the Kubernetes documentation.
The main drawback of this approach is that the pod’s name will change as soon as it is restarted. Moreover, you need to have a web browser on your client and you need to make sure that the local port is not already used by an application running on your system. Finally, sometimes port forwarding is canceled due to non obvious reasons. This leads to a kind of shaky approach. A more robust approach is to access the application using kube-proxy.
Solution 2: Using apiserver proxy
There are several different proxies used with Kubernetes, the official documentation provides a good overview.
In this tutorial we are using apiserver proxy to enable access to services running in Kubernetes without using an Ingress. Different from the first solution, a service is required for this solution .
Use the following URL to access a service via apiserver proxy. For details about apiserver proxy URLs read Discovering builtin services.
|cluster-master||namespace||service||service-port||service-endpoint||url to access service|
There are applications, which do not yet support relative URLs like Prometheus (as of end of November, 2017).
port-forward approach described above.