SOLVED Container with web on port 80

[impovich]

Hi all, deployed a custom container and there is no way to change the web port of the application from 80 to anything else, when I set "Host Network" for the container and the nodeport to 38999, I expected to get to the applications UI by typing my_nas_ip:38999, but instead I got TrueNas login page :) Is it possible to overcome it by not changing TrueNas port(this functionality is currently broken in TrueNAS-SCALE-21.06-MASTER-20210611-152918)?

 

[morganL]

Did it work on 21.04?

 

[impovich]

Did it work on 21.04?

didn't try.

 

[ornias]

Hi all, deployed a custom container and there is no way to change the web port of the application from 80 to anything else, when I set "Host Network" for the container and the nodeport to 38999, I expected to get to the applications UI by typing my_nas_ip:38999, but instead I got TrueNas login page :) Is it possible to overcome it by not changing TrueNas port(this functionality is currently broken in TrueNAS-SCALE-21.06-MASTER-20210611-152918)?

Try disabling hostNetwork, as it's not something that is usually needed. hostNetwork != nodePort, those are seperate things.

 

[impovich]

Try disabling hostNetwork, as it's not something that is usually needed. hostNetwork != nodePort, those are seperate things.

Let me describe what I was trying to achieve and let me know if it is conceptually wrong.

Prior TrueNas Scale I was using VMs on xen-server and few jails on TrueNas Core. I have HAProxy on the pfSense and in order to get things simple, I manage static DHCP leases in the pfSense.

With TruesNas Scale it doesn't work because every redeploy issues a new MAC address(?) so pfSense gives a new IP to an application, so everything becomes broken on my network. Static IP for a container is not an option as it brings some complexity to IP management and I could get an IP clash at some point. So I decided to use hostNetwork for my containers, one IP and multiple ports sound good to me.

P.S. While I was writing this reply I understood that the way I was trying to achieve it is wrong as docker port mapping != nodeport.

Is there is a way to keep things simple and achieve what I want?

 

[impovich]

Reading doc https://kubernetes.io/docs/tasks/administer-cluster/access-cluster-services/
it looks like I was doing right, no?

Code:

truenas# k3s kubectl get service -A
NAMESPACE          NAME                     TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                          AGE
default            kubernetes               ClusterIP   172.17.0.1       <none>        443/TCP                          4d18h
kube-system        kube-dns                 ClusterIP   172.17.0.10      <none>        53/UDP,53/TCP,9153/TCP           4d18h
ix-transmission    transmission-ix-chart    NodePort    172.17.164.240   <none>        9091:36019/TCP,51413:36020/UDP   17h
ix-xen-orchestra   xen-orchestra-ix-chart   NodePort    172.17.126.163   <none>        80:38999/TCP                     13h

 

[ornias]

Like I said: Don't use host-network.
It's not an adviced way of deploying k8s, it's mostly a fix for specific types of containers that really on very specific networking options (like mDNS).

If you really want seperate IP's for specific Apps/Containers, I suggest waiting till MetalLB is implemented, thats a k8s native way of assigning seperate IP's to specific services, without the security risks and complications of hostNetwork.

TLDR:
hostNetwork is complicating things, not making it easier.

 

[impovich]

Thank you Ornias for the prompt replies, unset hostNetwok and everything works like a charm. :)

 

[ornias]

Thank you Ornias for the prompt replies, unset hostNetwok and everything works like a charm. :)

No problem, it's a known issue... Thats why we flagged it as "(Advanced)" in the latest releases of TrueCharts...