IPFS, NAT and k8s

Hi everyone,

I have a k8s cluster running several pods, each with IPFS nodes running within - in order to peer explicitly with a single IPFS container from outside the cluster, we came up with a combination of pod cluster ip + pod cluster port along with some rules to prevent these pods from being moved around on restart. Using this information we have successfully peered within the cluster itself.

Which looks something like this:

$ ks describe pod ipfs-1 | grep Node:
Node: ip-192-xyz…us-west-2.compute.internal/192-xyz

$ k describe node ip-192-xyz…us-west-2.compute.internal | grep ExternalIP:
ExternalIP: 44.222.33.555

$ ks get svc | grep ipfs-1
ipfs-1 NodePort 10.100.180.231 4001:32639/TCP,5001:32058/TCP, 80m

Putting it all together,

ipfs//tcp//ipfs/

/ip4/44.222.33.555/tcp/32639/ipfs/QmVyKLpva…

^Peering with the above multiaddress from outside the cluster works perfectly.

However, this means that propagation to the public gateways is…still an issue since the announced value of ‘ipfs id’ contains an internal value. Explicit attempts to call 'ipfs dht provide ’ are still not propagated externally.

Ex. of ips id:
“/ip4/127.0.0.1/tcp/4001/ipfs/QmVyKLpva…”,
“/ip4/192.168.3.7/tcp/4001/ipfs/QmVyKLpva…”

Is there a recommended approach for this specific scenario?

You could set to set your “Announce” address to “/ip4/44.222.33.555/tcp/32639/ipfs/QmVyKLpva…” in the Addresses section of the IPFS config file.

Thanks for the help Jim! This actually worked perfectly for what we needed to do!

Minor note is that the Announce config doesn’t expect peerID:
“Announce”: ["/ip4/44.222.33.555/tcp/32639"] is what worked