https://rancher.com/ logo
Title
s

square-tailor-84375

08/30/2022, 7:02 AM
Hi there, what would be the best way of accessing stuff the same way as Pods in the cluster would. I am implementing SSO functionality using OpenID Connect and both my application and I need to reach the SSO service (also in cluster) using the same address. It seems like I can't reach the cluster IP from the host machine (I am on macOS, enforced firewall from work)
a

aloof-controller-49647

08/30/2022, 7:12 AM
You need to use either a nodeport or loadbalancer service if you want to connect from outside the cluster.
s

square-tailor-84375

08/30/2022, 7:14 AM
I already do that, problem is, that me connecting via the NodePort (http://localhost:<nodeport>) is different than what my application would use to connect to that same service.
If this was a service from the internet, I would just make my SSO service available using a public domain (https://sso.example.com). That way both my application in the same cluster and I will use the same URL to connect to the SSO app
a

aloof-controller-49647

08/30/2022, 7:23 AM
Inside the cluster you have to use the full FQDN or use a service mesh, but accessing from outside to cluster ip, you have to port forward it.
­čĹŹ 1