How to expose node port on ingress?
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
logs-graylog NodePort 10.20.8.187 <none> 80:31300/TCP,12201:31301/UDP,1514:31302/TCP 5d3h
logs-graylog-elasticsearch ClusterIP None <none> 9200/TCP,9300/TCP 5d3h
logs-graylog-master ClusterIP None <none> 9000/TCP 5d3h
logs-graylog-slave ClusterIP None <none> 9000/TCP 5d3h
logs-mongodb-replicaset ClusterIP None <none> 27017/TCP 5d3h
This is how my service look like where there are some node ports. Graylog web interface is expose on port 80.
But i am not able to send logs on URL. my graylog weburl is https://logs.example.com
it's running on https cert-manager is there on kubernertes ingress.
i am not able to send Glef UDP logs on URl. am i missing something to open port from ingress or UDP filter something ?
this is my ingress :
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: logs-graylog-ingress
annotations:
kubernetes.io/ingress.class: nginx
certmanager.k8s.io/cluster-issuer: graylog
nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
tls:
- hosts:
- logs.example.io
secretName: graylog
rules:
- host: logs.example.io
http:
paths:
- backend:
serviceName: logs-graylog
servicePort: 80
- backend:
serviceName: logs-graylog
servicePort: 12201
- backend:
serviceName: logs-graylog
servicePort: 31301
Service :
apiVersion: v1
kind: Service
metadata:
labels:
app: graylog
chart: graylog-0.1.0
component: graylog-service
heritage: Tiller
name: graylog
release: logs
name: logs-graylog
spec:
clusterIP: 10.20.8.187
externalTrafficPolicy: Cluster
ports:
- name: http
nodePort: 31300
port: 80
protocol: TCP
targetPort: 9000
- name: udp-input
nodePort: 31301
port: 12201
protocol: UDP
targetPort: 12201
- name: tcp-input
nodePort: 31302
port: 1514
protocol: TCP
targetPort: 1514
selector:
graylog: "true"
sessionAffinity: None
type: NodePort
status:
loadBalancer: {}
UDP services aren't normally exposed via an Ingress Controller like TCP HTTP(S) services are. I'm not sure any ingress controllers even support UDP, certainly not with 3 protocols combined in a single ingress definition.
If the cluster is hosted on a cloud service, most support a Service with type
LoadBalancer
to map external connections into a cluster.If service of type
LoadBalancer
is not available in your environment you can use the NodePort service. ThenodePort
s you have defined will be available on the external IP of each of your nodes.A
nodePort
is not strictly required for the http port, as the nginx Ingress Controller takes care of that for you elsewhere in it's own service.The ports other than 80 can be removed from your ingress definition.