OpenShift :: 我们如何在自定义端口（非 Web / 非 http）上启用流量进入 pod

Question

我们如何在自定义端口（非 Web/非 http）上启用进入 Pod 的流量。

例如，考虑端口 12121。

我尝试通过路线公开端口。但无法从同一命名空间内的另一个 pod 访问此 pod。

OpenShift 支持此功能吗？

如果有人以前尝试过此操作，请分享您是如何实现这一目标的。

谢谢。

Answer 1

You have a few options depending on what you are trying to achieve but I wouldn't use a Route for this.

• If you do not care about what the port number is then you can use a NodePort service. NodePorts are a range of ports defined by the cluster administrator (default is 30000-32767) that can be assigned to a service and are exposed on every node in the cluster and it works for TCP and UDP traffic. This example specifies a NodePort to use but if you do not give one, the service controller will assign one that is available.

apiVersion: v1
kind: Service
metadata:
  name: mysql
  labels:
    name: mysql
spec:
  type: NodePort
  ports:
    - port: 3306
      nodePort: 30306
      name: http
  selector:
    name: mysql

OpenShift documentation: https://docs.openshift.com/container-platform/3.11/dev_guide/expose_service/expose_internal_ip_nodeport.html

If you need to expose a specific port then you can:

• Use a LoadBalancer service which will allow you to expose a port on the load balancer IP. Note that this requires the cluster being set up with a list of IPs that can be used (this is configuration on the master) AND the IPs are routed to nodes in the cluster (this can be achieved with OpenShift's ipfailover automation).

apiVersion: v1
kind: Service
metadata:
  name: egress-2 
spec:
  ports:
  - name: db
    port: 3306 
  loadBalancerIP:
  type: LoadBalancer 
  selector:
    name: mysql 

OpenShift 文档：https://docs.openshift.com/container-platform/3.11/dev_guide/expose_service/expose_internal_ip_load_balancer.html

• 不太理想的是，您可以使用hostport并直接在运行 Pod 的主机上公开端口，但这仅在您希望将流量路由到没有流量平衡的主机时才有效。此方法违背最佳实践，但可以作为最后的手段。

apiVersion: v1
kind: Pod
metadata:
  name: mysql
spec:
  containers:
  - image: mysql
    name: mysql
    ports:
    - name: mysql
      containerPort: 3306
      hostPort: 3306