Ingress controller to route TCP traffic

nginx tcp kubernetes google-cloud-platform nginx-ingress
rasthiya picture rasthiya · Aug 6, 2019 · Viewed 11.4k times · Source

I'm trying to setup an ingress controller(nginx) to forward some TCP traffic to a kubernetes service(GCP). There's this tutorial that shows how to route HTTP traffic to services (based on the paths) using nginx. I want to have a similar setup to forward TCP traffic.

In my cluster, I have a pod running a TCP echo server written in python using sockets. There is a service attached to the pod. If I set the service type of this service to LoadBalancer, I can run my client as follows and get the echo from the cluster. 

python client.py --host <EXTERNAL-IP-OF-LOAD-BALANCER> --port <PORT>

Similar to the echo server, I have other TCP services in my cluster that serves other pods. Currently I have set all of them to LoadBalancers. So, they have external IPs and listen for traffic on different ports. However, I do not want to create LoadBalancers to all of these services. How would I use the nginx to route the TCP traffic to different services based on the port numbers. If nginx cannot do this, are there other options that I can use to achieve this?

UPDATE: Following the HangDu's answer I created the following files.

apiVersion: v1
kind: ConfigMap
metadata:
  name: tcp-services
  namespace: default
data:
  9000: "default/echo-service:50000"

and

apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx
  namespace: default
  labels:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
spec:
  type: LoadBalancer
  ports:
    - name: http
      port: 80
      targetPort: 80
      protocol: TCP
    - name: https
      port: 443
      targetPort: 443
      protocol: TCP
    - name: proxied-tcp-9000
      port: 9000
      targetPort: 9000
      protocol: TCP
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx

Then I used kubectl create -f <FILE_NAME> to create the config map and the service. So I was hoping I could use the external IP of the newly created service and the port 9000 and run python client.py --host <EXTERNAL-IP-OF-LOAD-BALANCER> --port 9000 to run my echo client. However, I get a connection refused error when I do that. Am I doing something wrong?

Answer

Hang Du picture Hang Du · Aug 6, 2019

I answered a similar question on another thread. How to use nginx ingress TCP service on different namespace

Basically, you can specify the port and backend for your service in configmap.

The following is the link to the document. https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/exposing-tcp-udp-services.md

Related questions

NGINX to reverse proxy websockets AND enable SSL (wss://)?

I'm so lost and new to building NGINX on my own but I want to be able to enable secure websockets without having an additional layer. I don't want to enable SSL on the websocket server itself but instead I …

Read More
Nginx TCP forwarding based on hostname

With the release of TCP load balancing for the Nginx community version, I would like to mix OpenVPN and SSL pass-through data. The only way for Nginx to know how to route the traffic is via their domain name. vpn1.…

Read More
nginx php5-fpm upstream timed out (110: Connection timed out) while connecting to upstream

We have a web server running with nginx php5-fpm apc setup. However we experienced upstream connection timeout errors and slow downs during page rendering recently. A quick php5-fpm restart fixed the problem but we could not find the …

Read More