[英]Exposing a TCP port out of cluster in Kubernetes using nginx-Ingress
So I have setup my application on Google cloud using Kubernetes.所以我已经使用 Kubernetes 在谷歌云上设置了我的应用程序。 I have a Pod which I want to expose out of the cluster that expects TCP requests.
我有一个 Pod,我想将它暴露在需要 TCP 请求的集群之外。
I came to know that this is possible via ingress-nginx and researched about it.我开始知道这可以通过ingress-nginx 实现,并对此进行了研究。 As mentioned in the docs here , it can be done by setting up a configMap like below:
正如此处的文档中所述,可以通过设置如下的 configMap 来完成:
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-configmap-example
data:
9000: "default/my-service-name:7051
, but it's full usage is not clearly described nor I could find a complete example in the docs properly. ,但它的完整用法没有清楚地描述,我也无法在文档中正确找到完整的示例。
I have installed ingress-nginx as mentioned in the Installation Guide but I am unsure what the next steps are to expose my Pod.我已经安装了安装指南中提到的 ingress-nginx,但我不确定接下来要公开我的 Pod 的步骤是什么。
Extra Info额外信息
7051
7051
So, in order to achieve this you can do this:因此,为了实现这一点,您可以这样做:
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-configmap-example
data:
9000: "default/my-service-name:7051
Then edit your nginx-ingress-controller deployment by adding this flag to container args like below:然后通过将此标志添加到容器参数来编辑您的 nginx-ingress-controller 部署,如下所示:
... containers: - name: nginx-ingress-controller image: "quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1" imagePullPolicy: "IfNotPresent" args: - /nginx-ingress-controller - --default-backend-service=nginx-ingress/nginx-ingress-default-backend - --election-id=ingress-controller-leader - --ingress-class=nginx - --configmap=nginx-ingress/nginx-ingress-controller - --tcp-services-configmap=default/tcp-configmap-example ...
Edit LoadBalancer service by adding port to your LoadBalancer通过向 LoadBalancer 添加端口来编辑 LoadBalancer 服务
... ports: - name: http port: 80 protocol: TCP targetPort: http - name: https port: 443 protocol: TCP targetPort: https - name: some-service-port port: 7051 protocol: TCP
Hope it helps!希望能帮助到你!
If you are installing with helm
there is a way to expose tcp ports by setting values.如果您使用
helm
进行安装,则可以通过设置值来公开 tcp 端口。
# add helm repo
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
helm show values ingress-nginx/ingress-nginx
will show the values.yaml
file for reference, there are two dictionaries for exposing ports: tcp
and udp
: helm show values ingress-nginx/ingress-nginx
将显示values.yaml
文件以供参考,有两个字典用于暴露端口: tcp
和udp
:
# TCP service key:value pairs
# Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md
##
tcp: {}
# 8080: "default/example-tcp-svc:9000"
# UDP service key:value pairs
# Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md
##
udp: {}
# 53: "kube-system/kube-dns:53"
To set the values from command line:要从命令行设置值:
# set `tcp` dictionary in values (other `helm install` options omitted, only left options regarding to exposing tcp ports)
helm install ingress-nginx ingress-nginx/ingress-nginx --set tcp.12345=some-namespace/some-service:80
Inside Google Cloud Platform you can use type: LoadBalancer
in order to expose your service outside the cluster. 在Google Cloud Platform内部,您可以使用
type: LoadBalancer
,以将服务公开到集群之外。 You can see example here Exposing Applications using Services . 您可以在此处看到使用服务公开应用程序的示例。
Here is a quick example: 这是一个简单的示例:
$ kubectl run hello --image=test/hello-world
deployment "hello" created
$ kubectl expose deployment hello --port=8080 --type=LoadBalancer
service "hello" exposed
$ kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hello LoadBalancer 10.11.251.34 35.192.25.112 8080:33107/TCP 2m
$ curl 35.192.25.112:8080
<html><head><title>hello world</title></head><body>hello world!</body></html>
Also you can follow the instructions inside Kubernetes documentation Exposing an External IP Address to Access an Application in a Cluster 您也可以按照Kubernetes文档中的说明进行操作, 公开一个外部IP地址以访问集群中的应用程序
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.