Some services require their external ip-address as provided by a loadbalancer-object like MetalLB at runtime (say for example an LHOST or pasv_address).
Let's say you have built an image based on Alpine:latest. Attached to the pod, there seems to be no way from inside the running Pod to know which ip-address was assigned to it by the loadbalancer,
so how do you get the external ip-address from inside a running Pod in a Kubernetes cluster?
Best Answer
And here I'll save you hours of research:
The trick is to use the API provided by the control node in the cluster (which if you are experimenting, is probably the minikube virtualbox vm or a docker container). You can access it as follows:
First create a serviceaccount with which you will gain access to the kubernetes control plane API (the name pod-service-access is completely arbitrary btw):
Alternatively, you can also create a serviceaccount by applying the following yaml:
Then apply the following ClusterRole and RoleBinding yaml, which will assign permissions to the serviceaccount and bind it to a clusterrole. As you can see, the serviceaccount pod-service-access has read-only access to all services in the 'default' namespace. Which is desirable (I presume).
Now you will have to assign the serviceaccount to a deployment, so when the deployment spawns pods, these running pods will access the control node api with the permissions of the useraccount. This is an example deployment; pay particular attention to the "serviceAccount: pod-service-access" line and don't forget to install the packages "jq" and "curl" when you build the docker image:
Now, when you have your deployment spawning fresh pods, you'll be able to access the kubernetes control node api. Here is a script which will pull information for the service 'vsftpd' from the api (important: here I assume your service name is the same as your deployment name, as can be seen in the SERVICE= line), and by some jq (json processor) magic extracts the external ip:
Good luck with ft_services from Codam (ja toch).
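
A sketch of the in-pod lookup described in the answer above, as an added example that is not the answer's original script. It assumes curl and jq are in the image, the pod runs under a service account allowed to read services (pod-service-access above), and the Service is named vsftpd; the function names are hypothetical. It verifies the API server against the mounted CA instead of disabling TLS checks and treats a non-2xx reply (for example an RBAC 403) as a failure.

```shell
#!/bin/sh
# Added example, not the answer's script. Function names are hypothetical.
# Standard locations of the service account credentials mounted into a pod.
SA_DIR=/var/run/secrets/kubernetes.io/serviceaccount
API=https://kubernetes.default.svc

# Read a Service object on stdin and print its first load balancer address.
# Prints nothing and returns non-zero while no address has been assigned.
extract_external_ip() {
    jq -er '.status.loadBalancer.ingress[0] | .ip // .hostname // empty'
}

# $1 = service name, $2 = namespace (defaults to the pod's own namespace).
fetch_service() {
    ns="${2:-$(cat "$SA_DIR/namespace")}"
    # --cacert pins the cluster CA (no -k); --fail stops error bodies from
    # being parsed as a Service; the token is re-read because it can rotate.
    curl -sS --fail --max-time 5 \
        --cacert "$SA_DIR/ca.crt" \
        -H "Authorization: Bearer $(cat "$SA_DIR/token")" \
        "$API/api/v1/namespaces/$ns/services/$1"
}

# $1 = service name. Retries, since the load balancer may assign the address
# after the pod has already started.
get_external_ip() {
    tries=0
    while [ "$tries" -lt 10 ]; do
        if ip=$(fetch_service "$1" | extract_external_ip); then
            printf '%s\n' "$ip"
            return 0
        fi
        tries=$((tries + 1))
        sleep 3
    done
    echo "no external address for service $1" >&2
    return 1
}

if [ -r "$SA_DIR/token" ]; then
    # Inside a pod: look up the Service named by SERVICE (default vsftpd).
    get_external_ip "${SERVICE:-vsftpd}"
elif command -v jq >/dev/null 2>&1; then
    # Outside a pod: run the parser on a constructed Service object.
    printf '%s' '{"status":{"loadBalancer":{"ingress":[{"ip":"192.0.2.10"}]}}}' \
        | extract_external_ip
fi
```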