CODEWITHSUNDEEP
kuberneteskubernetes-ingressenvoyproxykubernetes-service
Jim
Jim

Reputation: 4425

Deploy a pod with envoy as sidecar. How can I access it?

I have created the following simple Dockerfile

FROM envoyproxy/envoy:v1.19.0
COPY envoy.yaml /etc/envoy/envoy.yaml
RUN chmod go+r /etc/envoy/envoy.

For which I build locally a custom envoy image with the name envoy:my-test-image
I created the following deployment file (envoy_sidecar_deployment.yml) with the intention to try to imitate istio i.e. create a sidecar envoy in a pod.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
  labels:
    app: myapp
spec:
  replicas: 2
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
        - name: myapp
          image: citizenstig/httpbin
      initContainers:
        - name: envoy-proxy
          image: envoy:my-test-image
          restartPolicy: Always

I did:

$ kubectl apply -f envoy_sidecar_deployment.yml 
deployment.apps/myapp created

and then I can see the pods:

$ kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
myapp-759fd49fdd-sqxjh   2/2     Running   0          35s
myapp-759fd49fdd-wtpqc   2/2     Running   0          35s

The problem is I don't know how to test the connection. My expectation is that I would do something like http://HOST:15001/header and 15001 is the port for envoy and I would get a response by the httpbin as I have configured envoy like that in the image already. But I don't know what hostname to use.
I thought I need a loadbalancer service so I created the file:

apiVersion: v1
kind: Service
metadata:
  name: lb-svc
  labels:
    app: myapp
spec:
  type: LoadBalancer
  ports:
  - port: 8080
    targetPort: 15001
    protocol: TCP
  selector:
    app: myapp

and I can see:

$ kubectl get svc 
NAME         TYPE           CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
lb-svc       LoadBalancer   10.105.14.50   localhost     8080:30448/TCP   81s

But when I try to access http://localhost:8080/headers I get an error. I also don't understand why don't I see in the ports section 8080:15001 and instead I see 30448.
How can I make the pod accessible via that envoy proxy?

Upvotes: 1

Views: 44

Answers (0)

Related Questions