k3d icon indicating copy to clipboard operation
k3d copied to clipboard

Published 20 hours ago verified publisher icon k3d-io

[FEATURE] Disable host port binding

Open thesn10 opened this issue 2 years ago • 2 comments

Problem

K3d always binds to a host port which cannot be disabled. This is bad because if we run k3d clusters behind a reverse proxy, we dont need the host port. It will also cause the port in the kubeconfig to not match.

Solution

  • Maybe add a --no-host-port command line arg, which disables this.

  • Or another option is maybe add an option to specify a reverse proxy url which will be used in the kubeconfig. For example --reverse-proxy-url=k3s-api.mydomain.com

  • Or change the --api-port option format from [(HostIP|HostName):]HostPort to [(HostIP|HostName):][HostPort] which makes the port optional.

Discussed in https://github.com/k3d-io/k3d/discussions/1066

Originally posted by SnGmng May 14, 2022

I use a TCP reverse proxy which does the load balancing, so i dont need (and want) host port binding, but k3d does it anyway and wrongly writes it into the kubeconfig:

- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://kubeapi.mydomain.com:53882 # Not working. The port needs to be removed (or replaced with 443 or 80)
  name: k3d-testkube

k3d always binds the api server on some random host port on the machine and it cannot be disabled:

image

I just want to EXPOSE 6443 and NOT BIND to an host port/address. Is that possible?

Using --api-port can only change that host port, but not disable it, because you are always forced to specify a host port:

FATA[0000] Failed to apply CLI overrides: failed to parse API Port spec: 
Failed to parse Port Exposure specification 'kubeapi.mydomain.com': Format must be [(HostIP|HostName):]HostPort

How to disable host port binding?

Current Workaround

You can only manually fix the kubeconfig url but not completely disable the port. This manually removes the port from kubeconfig by replacing the server url:

export CLUSTER_NAME=name
k3d kubeconfig get ${CLUSTER_NAME} > k3d-${CLUSTER_NAME}.yaml
yq -i "(.clusters[] | select(.name == \"k3d-${CLUSER_NAME}\")).cluster.server = \"https://your-api-url.com\"" k3d-${CLUSER_NAME}.yaml

Unfortunalely, this workaround does not completely disable the port but only remove it in the kubeconfig

thesn10 avatar Jun 05 '22 18:06 thesn10