0

I created a K8S cluster (2 nodes and 1 master), that has no access to Internet, only the piloting machine has.

I wanted to SSH into a Ubuntu-OpenSSH Pod, from outside the cluster and did a port-forwarding :

kubectl port-forward pod/ubuntu-ssh 30180:22

Where 30180 is the container 22 the port the openssh-server is listening to inside the pod.

Except I get an error when I try to connect with the cluster IP :

$  ssh [email protected] -p 30180
ssh: connect to host 192.X.X.X port 30180: Connection refused

But it works just fine if I do it using localhost :

$ ssh root@localhost -p 30180
root@localhost's password:
Welcome to Ubuntu 20.04.4 LTS (GNU/Linux 5.15.0-25-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

This system has been minimized by removing packages and content that are
not required on a system that users do not log into.

To restore this content, you can run the 'unminimize' command.
Last login: Fri Jul  1 12:39:19 2022 from 127.0.0.1
root@ubuntu-ssh:~#

Can someone help me connect to the pod with the ip address and not localhost ? Thanks, in advance !

For more context, I have followed this tutorial : https://sanda-dev.medium.com/ssh-into-kubernetes-pod-without-public-ip-access-fbb9da7f7b26

Improve this question

1 Answer 1

Reset to default
0

Take a look at the output of kubectl port-forward --help, and you'll see:

Options:
      --address=[localhost]: Addresses to listen on (comma separated). Only accepts IP addresses or
localhost as a value. When localhost is supplied, kubectl will try to bind on both 127.0.0.1 and ::1
and will fail if neither of these addresses are available to bind.

By default, the port opened by kubectl port-forward only binds to localhost, so it's only available for connections that originate on the local machine. If you want to expose it outside of the machine running the port-forward command, add:

kubectl port-forward --address=0.0.0.0 ...

The 0.0.0.0 means "all addresses", so it will be available to connections coming in any available interfaces.

Improve this answer
7
  • Hello, I tried your solution but I have this error instead : E0706 12:37:28.964127 13042 portforward.go:406] an error occurred forwarding 30180 -> 22: error forwarding port 22 to pod 529eec269d10a6a3d7783cc77da9f3883ed1116541f2409f28f609df86018e7e, uid : exit status 1: 2022/07/06 12:37:28 socat[13290] E connect(5, AF=2 127.0.0.1:22, 16): Connection refused E0706 12:37:28.964372 13042 portforward.go:234] lost connection to pod Commented Jul 6, 2022 at 12:41
  • Is the pod up and running? If you repeat your original command do you see different behavior? What was the exact command line you used? Commented Jul 6, 2022 at 12:47
  • The pod is indeed up and running, but you're right I have the same error with the old behavior now. the command : kubectl port-forward pod/ubuntu-ssh 30180:22 Commented Jul 6, 2022 at 12:50
  • If you kubectl exec into the pod, is your ssh service actually running? Maybe restart the pod and try again. Commented Jul 6, 2022 at 12:51
  • I can kubectl exec into the pod, I restarted it with Docker and it's still not working, except I noticed the pod ID changed, do you think it might be the reason why it doesn't work ? Commented Jul 6, 2022 at 12:53

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.