k8s叢集通過nginx-ingress做tcp\udp 4層網路轉發
阿新 • • 發佈:2020-07-23
k8s叢集通過nginx-ingress做tcp\udp 4層網路轉發
檢查nginx-ingress是否開啟tcp\udp轉發
- args:
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services
示例 kuard-demo.yaml
apiVersion: apps/v1 kind: Deployment metadata: name: kuard spec: selector: matchLabels: app: kuard replicas: 1 template: metadata: labels: app: kuard spec: containers: #gcr.azk8s.cn/kuar-demo/kuard-amd64:1 - image: paulcapestany/kuard-amd64:1 imagePullPolicy: Always name: kuard ports: - containerPort: 8080 --- apiVersion: v1 kind: Service metadata: name: kuard spec: ports: - port: 9527 targetPort: 8080 protocol: TCP selector: app: kuard
更新configmaps
$kubectl get cm -n ingress-nginx
NAME DATA AGE
ingress-controller-leader-nginx 0 10m
nginx-configuration 0 10m
tcp-services 2 10m
udp-services 0 10m
tcp-services.yaml
apiVersion: v1 kind: ConfigMap metadata: name: tcp-services namespace: ingress-nginx data: 9527: "default/kuard:9527"
進入nginx-ingress容器檢視TCP services處會出現對應的負載配置
cat nginx.conf # TCP services server { preread_by_lua_block { ngx.var.proxy_upstream_name="tcp-default-kuard-9527"; } listen 9527; proxy_timeout 600s; proxy_pass upstream_balancer; } # UDP services
最後即可通過邊緣節點 ip:9527 訪問。當pod節點庫容後紅線標記的hostname也會隨重新整理變化。