allow minikube be accessible from outside network (add --listen-address flag)

[prince2208]

"sudo /usr/local/bin/minikube start --driver=docker"
Problem: : Not able to access POD web application after deployment.

Proposed Solution: : Need to find a way to change minikube IP manually
v1.18.0 . I have a deployed minikube on VM (REDHAT 7.8) running over VMware and I have deployed minikube with --driver=docker. I have delpoyed minikube with command "sudo /usr/local/bin/minikube start --driver=docker". All went fine. Below are the logs:

[osadmin@dockerce simplek8s]$ kubectl cluster-info
Kubernetes master is running at https://127.0.0.1:49152
KubeDNS is running at https://127.0.0.1:49152/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
[osadmin@dockerce simplek8s]$ minikube status
m01
host: Running
kubelet: Running
apiserver: Running
kubeconfig:
[osadmin@dockerce simplek8s]$ minikube ip
127.0.0.1

Now the issue is that minikube IP is 127.0.0.1. And my machine IP is 10.239.X.X. So after I deployed a POD(web application), I am not able to access it from outside my browser from where 10.239.X.X is reachable. I have defined the port fine and POD got created as well.

[govargo]

Hi, if you want to access to pod, you have two choices.
You have to set Service resource.

• NodePort
• LoadBalancer

Please see following docs.

https://minikube.sigs.k8s.io/docs/handbook/accessing/

[prince2208]

Hi, if you want to access to pod, you have two choices.
You have to set Service resource.

* NodePort

* LoadBalancer

Please see following docs.

https://minikube.sigs.k8s.io/docs/handbook/accessing/

Hello Govargo,

I went through the documentation. But as I mentioned earlier that I have a VMWare deployed on ESX in data-center and I have built a REDHAT 7 VM over it and have assigned an IP on it. I can only access this IP over my browser in my laptop. So minikube IP or external IP won't be reachable from my laptop.
I had already applied node-port earlier and after you recommended I applied "minikube tunnel" as well. But both didn't work.
So could it there be a way which I can map the external IP & port which shows in "kubectl get svc" to my VM IP & port. Because then only I will be able to access the kube application from my laptop browser.

[govargo]

Sorry I couldn't understand your environment.

How about using ingress addons?

https://minikube.sigs.k8s.io/docs/tutorials/nginx_tcp_udp_ingress/

NOTE: Ingress addon has limitation which is used by only vm-based driver(KVM, VirtualBox).

[prince2208]

Sorry I couldn't understand your environment.

How about using ingress addons?

https://minikube.sigs.k8s.io/docs/tutorials/nginx_tcp_udp_ingress/

NOTE: Ingress addon has limitation which is used by only vm-based driver(KVM, VirtualBox).

Sorry but Ingress addons won't work as I am using --driver=docker.

Regarding environment,
I have deployed minikube on RHEL 7.4 on a VMware VM running over ESX Hardware. Only way I can connect to server is through command line SSH from my laptop. So if I try to connect to minikube IP with "NODEPORT", it won't work. Same applies to LOADBALANCER.
So I need to find a way where I can access the NODEPORT through my RHEL7.4 Machine IP.

I have attached the files with which I am doing my testing work. Now after deploying these as PODs, I should be able to open the application in browser with minikubeip:31515. However as minikube IP is not reachable from my laptop, I can't connect to it.
simplek8s.zip

[govargo]

@prince2208
Sorry for late reply.
I checked past issues such as this.

And now access from out of network will not be on our road map in the near term.

#5812 (comment)

[medyagh]

there is an existing issue about this, we don't have that currently on our road map but we would accept a PR that would do this without compromising the default minikube users security (only with a specified option)

[prince2208]

Thank you for the update Govargo & Medya. I understood that the feature is not available at the moment considering security. I wish this new feature role out soon.

[medyagh]

@prince2208 you might still be able to do a port forward technic. using kubectl port-fowrard and your networking interface, you can still do that. but that is something you wanna do outside minikube.

[salimdawod1996]

please is there any update for this issue !

[medyagh]

@salimdawod1996
remote kubernetes cluster is not a priority for minikube.
minikube's focus is local kuberentes experience, but if someone provides a PR for this without compromising security I would accept and review it

[serhatcetinkaya]

@prince2208 have you tried opening your local ports to public internet using something like ngrok ?

[fejta-bot]

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

[medyagh]

we can add this as a flag in the follow up PRs after this PR https://github.com/kubernetes/minikube/pulls

[fejta-bot]

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale

[medyagh]

I would accept a PR that adds this feature. with a warning to the end user that they will be taking full responsiblity for all security implications of allow minikube on remote.

whoever picks this task, it will be same as setting the listen addres for docker to 0.0.0.0 but only if there is a flag

[mbsulliv]

When I first read what was being requested, my thought was that this was going to allow the specific port exposed by a LoadBalancer service to be exposed on the host. What appears to have been delivered instead is a security nightmare. Is this really what the original issue was requesting?