Skip to main content

Kubernetes Service in Managed Namespace

The Mayope Managed Namespace provides a full-fledged namespace experience.

ClusterIP Services#

ClusterIp should be your standard service to create. This service is only reachable within your namespace. You can expose a http service through an Ingress.

# Create hello world deploymentapiVersion: apps/v1kind: Deploymentmetadata:  name: nginxspec:  selector:    matchLabels:      app: nginx  template:    metadata:      labels:        app: nginx    spec:      containers:      - name: nginx        image: nginxdemos/hello        ports:        - name: http          containerPort: 80---# Create service for hello-world deploymentapiVersion: v1kind: Servicemetadata:  name: nginxspec:  ports:  - name: http    port: 80    protocol: TCP    targetPort: 80  selector:    app: nginx  type: ClusterIP

LoadBalancer Services#

LoadBalancer Services are supported through Ip-Port-Assignments. These Assignments represent a public ip with a chose Port.

Request#

  1. Go to the Namespace tab
  2. Chose the namespace where you want to deploy your LoadBalancer Service
  3. Click on the Ports drawer at the bottom of the detail view
  4. Click on Request Port Assignment, enter your desired port and click on Request:
    • You need to choose a port between 1025 and 60000
    • Your chosen port might not be available in which case we suggest choosing another
  5. After successfully requesting, your Assignment should be displayed in the Table
  6. Create your service as below:

apiVersion: apps/v1kind: Deploymentmetadata:   name: nginxspec:   selector:      matchLabels:         app: nginx   template:      metadata:         labels:            app: nginx            # This deactivates the firewall for the given port            mayope/web-allowed: allowed      spec:         containers:            - name: nginx              image: nginx:1              ports:                 - name: http                   containerPort: 80---apiVersion: v1kind: Servicemetadata:   name: nginxspec:   loadBalancerIP: <<IP>> # The ip from the first column of the table   ports:      - name: http        port: {{PORT}} # The port from the second column of the table        protocol: TCP        targetPort: 80   selector:      app: nginx   type: LoadBalancer

The service should be available as soon as the container started.

The label mayope/web-allowed: allowed is needed because every namespace has a firewall that blocks any incoming external traffic, except for the clusters own Ingress-Controller. This annotation deactivates the firewall for this specific pod, so be careful what you expose to the internet.

NodePort Services#

NodePort services are currently not supported and there are no plans to support them. You can however issue a ticket on Github where you lay out your use case: Github Issue