Trying to use Spring Cloud Kubernetes Discovery server with discovery client as described in https://docs.spring.io/spring-cloud-kubernetes/docs/current/reference/html/index.html#spring-cloud-kubernetes-discoveryserver
and the client couldn't fetch service information from other namespaces. There is already an issue raised in Spring Cloud Kubernetes in GitHub - https://github.com/spring-cloud/spring-cloud-kubernetes/issues/824
Tried Fabric8 client also, encountering error as below:
io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: GET at: https://xx.xx.xx.xx/api/v1/services. Message: Forbidden!Configured service account doesn't have access. Service account may have been revoked. services is forbidden: User "system:serviceaccount:abcd01:xyzssvc" cannot list resource "services" in API group "" at the cluster scope.
Did anyone manage to integrate Spring Cloud Kubernetes Discovery Server with Discovery Client? Integrating Discovery Server with Discovery client will help to prevent assigning clusterrole permission to services.
Related
When deploying a set of SpringBoot microservice applications in a Kubernetes cluster, should I include any kind of service discovery client libraries in my SpringBoot application to leverage kubernetes-native-service-discovery? If not, how a caller service calls another microservice in the same cluster?
Thanks in advance.
A service in kubernetes can be invoked as mentioned below for example an http service. An service has to be created and associated with pod. Please refer kubernetes services documentation for various services.
http://<service-name>:<port>
No other changes are required from application end. Please refer kubernetes official documentation for resolution details
I have a spring-boot service and using the zookeeper discovery for the service registry. Now, I have to deploy the whole system in K8s, now I am getting the problem with Feign-client. The client try to access the pods address but I want to access the K8s service name. How can I set the metadata for my service name.
I am going to create a kubernetes cluster to deploy all my spring boot microservices. Currently I have a spring cloud gateway server, a eureka discovery server and my back-end and front-end applications.
Do we need gateway server and discovery server if deployed on kubernetes, as these services are provided as part of cluster?
Thanks.
You are not required to use the Spring Cloud Gateway or Eureka discovery server. Kubernetes provides all basic building blocks (like Service) implemented without additional software requirements (for example with plain DNS).
If you need a more advanced setup you can integrate kubernetes API in Spring applications or use other ways to integrate. For the 90% case there is no need to do so.
I'm trying to run a Spring Boot Admin application on Kubernetes using Spring Cloud Discovery (without Eureka or Zuul. It directly scrapes from Kubernetes API)
I've setup necessary RBAC and Ingress/Egress for the application to access Kubernetes API and the relevant services in the cluster.
The application is initially fetching all the information regarding the services but it's failing with below error when trying to communicate with individual pods in the namespace
reactor.netty.http.client.PrematureCloseException: Connection prematurely closed
When I try to curl the particular pods from the pod with Spring Boot Admin app:
When I try with FQDN of the service it returns fine with the response
curl {service}.{namespace}.svc.cluster.local/actuator/info
When I do the same with the PodIp ( the one which Spring Boot Admin is struggling to connect to ):
curl 10.x.x.x:8080/actuator/info
I get this error
curl: (56) Recv failure: Connection reset by peer
Is there any particular netpol for pods to be accessed directly rather through the service's cluster IP? Because Spring Boot Admin tries to monitor all the individual pods in the services.
Or is there a workaround/approach where it isn't required by the Spring Boot Admin app to send requests to all the individual pods?
I am trying to set up a zuul proxy server which will act as a gateway service for other apis in my microservice architecture.
So far all the tutorials that I have come across have the discovery client and zuul proxy set up in different gradle modules while I am trying to set them up in the same gradle module.
I have defined the routes and can see that my services have been successfully registered in the eureka dashboard.
I have also verified that I can ping the services using a discovery client from my gatekeeper service but whenever I try to access the services from the URL, I get
"Load balancer does not have available server for client:xyz"
exception.
Can somebody please help me setting this up?