nginx-ingress-controller开启tcp/udp
目前有几个服务走的TCP协议走的是IP:PORT的模式,现在服务要跨云迁移,弊端就彻底体现出来,想着趁现在迁移优化下,现场的设备也不是特别多,改动起来还是很方便的。
# 1. 用的ACK,nginx-ingress-controller默认开启 TCP 和UDP
[root@manager ~]# kubectl get deployments.apps -n kube-system nginx-ingress-controller -oyaml
apiVersion: apps/v1
kind: Deployment
....
containers:
- args:
- /nginx-ingress-controller
- --election-id=ingress-controller-leader-nginx
- --ingress-class=nginx
- --watch-ingress-without-class
- --controller-class=k8s.io/ingress-nginx
- --configmap=$(POD_NAMESPACE)/nginx-configuration
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services # tcp
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services # udp
- --annotations-prefix=nginx.ingress.kubernetes.io
- --publish-service=$(POD_NAMESPACE)/nginx-ingress-lb
- --enable-annotation-validation
- --validating-webhook=:8443
- --validating-webhook-certificate=/usr/local/certificates/cert
- --validating-webhook-key=/usr/local/certificates/key
- --v=2
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
....
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
# 2. 自建集群的话需要创建下面2个configmap
[root@manager ~]# cat tcp-services.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-services
namespace: kube-system
[root@manager ~]# cat udp-services.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: udp-services
namespace: kube-system
1
2
3
4
5
6
7
8
9
10
11
12
13
2
3
4
5
6
7
8
9
10
11
12
13
# 3. 配置TCP的ConfigMap
[root@manager ~]# kubectl edit cm -n kube-system tcp-services
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data: # 默认没有data
# 对外暴露的端口:应用所在的namespace/应用的service name:应用的service port
"7070": prod/xm-sentor:7070
kind: ConfigMap
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"ConfigMap","metadata":{"annotations":{},"name":"tcp-services","namespace":"kube-system"}}
name: tcp-services
namespace: kube-system
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# 4. 更改nginx-ingress的service,声明tcp和udp用的端口号
[root@manager ~]# kubectl edit svc -n kube-system nginx-ingress-lb
...
ports:
- name: http
nodePort: 31297
port: 80
protocol: TCP
targetPort: 80
- name: https
nodePort: 32434
port: 443
protocol: TCP
targetPort: 443
- name: xm-sensor # 新增
nodePort: 31417
port: 7070
protocol: TCP
targetPort: 7070
selector:
app: ingress-nginx
...
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# 5. 后续可以改IP解析个域名,现场地址改为: 域名:7070
上次更新: 2025/04/25, 03:40:17