Exposing a TCP port out of cluster in Kubernetes using nginx-Ingress

10/30/2018

So I have setup my application on Google cloud using Kubernetes. I have a Pod which I want to expose out of the cluster that expects TCP requests.

I came to know that this is possible via ingress-nginx and researched about it. As mentioned in the docs here, it can be done by setting up a configMap like below:

apiVersion: v1
kind: ConfigMap
metadata:
  name: tcp-configmap-example
data:
  9000: "default/my-service-name:7051

, but it's full usage is not clearly described nor I could find a complete example in the docs properly.

I have installed ingress-nginx as mentioned in the Installation Guide but I am unsure what the next steps are to expose my Pod.

Extra Info

  • The port in the Pod that I want to expose out of cluster is 7051
  • I have a NodePort Service that targets my Pod's port that can be used with Ingress to expose.
-- Ketan Saxena
kubernetes
kubernetes-ingress
nginx
nginx-ingress
tcp

1 Answer

10/27/2019

So, in order to achieve this you can do this:

  1. First create the configMap that you added to the post.
apiVersion: v1
kind: ConfigMap
metadata:
  name: tcp-configmap-example
data:
  9000: "default/my-service-name:7051
  1. Then edit your nginx-ingress-controller deployment by adding this flag to container args like below:

    ...
    containers:
    - name: nginx-ingress-controller
      image: "quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1"
      imagePullPolicy: "IfNotPresent"
      args:
        - /nginx-ingress-controller
        - --default-backend-service=nginx-ingress/nginx-ingress-default-backend
        - --election-id=ingress-controller-leader
        - --ingress-class=nginx
        - --configmap=nginx-ingress/nginx-ingress-controller
        - --tcp-services-configmap=default/tcp-configmap-example
        ...
    
  2. Edit LoadBalancer service by adding port to your LoadBalancer

    ...
    ports:
    - name: http
      port: 80
      protocol: TCP
      targetPort: http
    - name: https
      port: 443
      protocol: TCP
      targetPort: https
    - name: some-service-port
      port: 7051
      protocol: TCP

Hope it helps!

-- coolinuxoid
Source: StackOverflow