Quick note on getting outgoing IP address of Aliyun Kubenetes service

Background

I have a Kubernetes cluster on Aliyun (Alibaba Cloud) having a Next.js hosting as a service with single pod, and the Next.js service have a server side API call that would call an endpoint from a EC2 in AWS

So what I need is to add an incoming rule in security group of the AWS EC2, but what IP is my Next.js service?

Solution

The solution is to get inside the pod, and shoot an API call and capture the origin.

To do so, we can perform:

# get the pod list and identify your pod name
kubectl -n <namespace> get pod

# get into the pod's shell (use bash or sh, depends on your container)
kubectl -n <namespace> exec -it <your pod name> -- bash

# from within the shell, the curl result would contain the origin
curl http://httpbin.org/ip

# one can extract the field if jq is installed: 
# curl -s http://httpbin.org/ip | jq -r '.origin'

Given my container is very slim and no curl is installed, instead I have node.js, so I can write this:

const http = require('http');

function getOutgoingIPAddress() {
  return new Promise((resolve, reject) => {
    const options = {
      hostname: 'httpbin.org',
      path: '/ip',
      method: 'GET'
    };

    const req = http.request(options, (res) => {
      let data = '';

      res.on('data', (chunk) => {
        data += chunk;
      });

      res.on('end', () => {
        const response = JSON.parse(data);
        const outgoingIPAddress = response.origin;
        resolve(outgoingIPAddress);
      });
    });

    req.on('error', (error) => {
      reject(error);
    });

    req.end();
  });
}

getOutgoingIPAddress()
  .then((outgoingIPAddress) => {
    console.log('Outgoing IP Address:', outgoingIPAddress);
  })
  .catch((error) => {
    console.error('Error:', error);
  });

On the other hand, if you have access to Aliyun’s admin console, the information is at the Kubernete cluster’s Virtual Private Cloud (VPC) Intern NAT Gateway’s EIP: