I am pretty new to kubernetes and I have successfully setup a cluster on google container engine . In my cluster I have a backend api developed with dropwizard, front end developed with node js and a mysql database. All have been deployed to the cluster and are working .However my challenge is this after setting up an external ip for my node containers and backend I can access them remotely but I can't access my backed from my front end using the service name e.g my backend is called backendapi within the cluster. I can't do this http://backendapi:8080 to call my rest services when deployed to the cluster . The catch for me is when I deploy to the cluster I don't want my front end to hit my back end using the external ip, I want them to connect within the cluster without going via the external ip address. When I connect to a pod and ping backendapi it returns a result but when I deploy my front end and use the label name it doesn't work .What could I be doing wrong ?.
But the problem still persists when I change to this backendapi.default.svc.cluster.local:8080. I even tried using the other port that it is mapped to internally and my frontend web page keeps saying backendapi.default.svc.cluster.local:32208/api/v1/auth/login net::ERR_NAME_NOT_RESOLVED. The funny thing is when I curl from my frontend pod it works . But when I'm accessing it using my web browser it doesn't
Because it is resolvable only within the cluster. (Because only the K8s cluster with kube-dns add-on can translate the domain name backendapi.default.svc.cluster.local to it's corresponding IP address)
Could this be because i exposed an external ip for the service as well . The external ip works though
No, It is because domain name backendapi.default.svc.cluster.local is resolvable only within the cluster, not from a browser in a random machine.
What you did is one of the solutions, exposing an external IP for the service. If you don't want to use a cryptic IP address, you can create an ingress (and use an ingress controller in your cluster) and expose your Microservice. Since you are on GCP, you can make use of their Load Balancers rather than exposing a IP address.
Note: Remember to add the authentication/Authorization to lock down your microservice as needed as it's getting exposed to the user.
Proxy all the backend calls through the server which serves your web app (nginx/nodejs etc)
Advantage of this approach is, you will avoid all the Same Origin Policy/CORS headaches, your microservice (express) authentication details will be abstracted away from user's browser.
Disadvantage of this approach is, 1) your backend microservice will have a tight coupling with frontend (or vice-versa depending on how you look at it), This will make the scaling of backend dependent on frontend. 2) Your Backend is not exposed. So, if you have another consumer (let's just say an android app) it will not be able to access your service.
Kind of similar question: https://stackoverflow.com/a/47043871/6785908