k8s集群通过nginx-ingress做tcp、udp 4层网络转发
k8s集群通过nginx-ingress做tcp、udp 4层网络转发
检查nginx-ingress是否开启tcp\udp转发
- args:
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services
示例 kuard-demo.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: kuard
spec:
selector:
matchLabels:
app: kuard
replicas: 1
template:
metadata:
labels:
app: kuard
spec:
containers:
- image: paulcapestany/kuard-amd64:1
imagePullPolicy: Always
name: kuard
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: kuard
spec:
ports:
- port: 9527
targetPort: 8080
protocol: TCP
selector:
app: kuard
更新configmaps
$kubectl get cm -n ingress-nginx
NAME DATA AGE
ingress-controller-leader-nginx 0 10m
nginx-configuration 0 10m
tcp-services 2 10m
udp-services 0 10m
tcp-services.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-services
namespace: ingress-nginx
data:
9527: "default/kuard:9527"
进入nginx-ingress容器查看TCP services处会出现对应的负载配置
cat nginx.conf
# TCP services
server {
preread_by_lua_block {
ngx.var.proxy_upstream_name="tcp-default-kuard-9527";
}
listen 9527;
proxy_timeout 600s;
proxy_pass upstream_balancer;
}
# UDP services
最后即可通过边缘节点 ip:9527 访问。当pod节点扩容后红线标记的hostname也会随刷新变化。
