1. 技术文章
  2. Getting nginx-ingress to use UDP in Azure

Getting nginx-ingress to use UDP in Azure

久未见 提交于 2021-01-29 05:14:15

问题


Currently this setup worked for TCP but once switched to UDP I get the error

The Service "nginx-ingress-controller" is invalid: spec.ports: Invalid value:
 []core.ServicePort{core.ServicePort{Name:"proxied-udp-30001", Protocol:"UDP",
 Port:30001, TargetPort:intstr.IntOrString{Type:0, IntVal:30001, StrVal:""}, 
NodePort:0}, core.ServicePort{Name:"proxied-udp-30002", Protocol:"UDP", 
Port:30002, TargetPort:intstr.IntOrString{Type:0, IntVal:30002, StrVal:""}, 
NodePort:0}, core.ServicePort{Name:"http", Protocol:"TCP", Port:80, 
TargetPort:intstr.IntOrString{Type:1, IntVal:0, StrVal:"http"}, NodePort:32724},
 core.ServicePort{Name:"https", Protocol:"TCP", Port:443, 
TargetPort:intstr.IntOrString{Type:1, IntVal:0, StrVal:"https"}, 
NodePort:30127}}: cannot create an external load balancer with mix protocols

Right after I tried to apply the patch

kubectl patch deployment nginx-ingress-controller -n ingress-nginx --patch $(Get-Content .\k8s\prod-azure-multi-pod-node\nginx-ingress-controller-deploy-patch.yaml -Raw)

kubectl patch svc nginx-ingress-controller -n ingress-nginx --patch $(Get-Content .\k8s\prod-azure-multi-pod-node\nginx-ingress-controller-svc-patch.yaml -Raw)

Where each of these files are

nginx-ingress-controller-svc-patch.yaml

apiVersion: v1
kind: Service
metadata:
  annotations:
    meta.helm.sh/release-name: nginx-ingress
    meta.helm.sh/release-namespace: ingress-nginx
  name: nginx-ingress-controller
  namespace: ingress-nginx
  selfLink: /api/v1/namespaces/ingress-nginx/services/nginx-ingress-controller
spec:
  ports:
  - name: proxied-udp-30001
    port: 30001
    targetPort: 30001
    protocol: UDP
  - name: proxied-udp-30002
    port: 30002
    targetPort: 30002
    protocol: UDP

And nginx-ingress-controller-deploy-patch.yaml

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
  namespace: ingress-nginx
  selfLink: /apis/extensions/v1beta1/namespaces/ingress-nginx/deployments/nginx-ingress-controller
spec:
  template:
    spec:
      hostNetwork: true # Edit added via tutorial https://skryvets.com/blog/2019/04/09/exposing-tcp-and-udp-services-via-ingress-on-minikube/
      containers:
      - args:
        - /nginx-ingress-controller
        - --default-backend-service=ingress-nginx/nginx-ingress-default-backend
        - --election-id=ingress-controller-leader
        - --ingress-class=nginx
        - --udp-services-configmap=default/udp-services # Needed for udp config map usage
        - --configmap=ingress-nginx/nginx-ingress-controller
        name: nginx-ingress-controller

The services look like so

apiVersion: v1
kind: Service
metadata:
  name: game-svc-1
  namespace: default
spec:
  selector:
    instance: game-1
  # type: NodePort
  type: ClusterIP
  ports:
    - protocol: UDP
      port: 9001 # exposed port
      targetPort: 19132

And the Udp config file

apiVersion: v1
kind: ConfigMap
metadata:
  name: udp-services
  namespace: default
data:
  30001: "default/game-svc-1:9001"
  30002: "default/game-svc-2:9002"

Like I said this works perfectly fine when using tcp but once I switched to UDP that error pops up, is there a UDP step I am missing?

EDIT > add helm command as stated by microsoft to use this command

helm install nginx-ingress stable/nginx-ingress --namespace ingress-nginx --set controller.replicaCount=2 --set controller.nodeSelector."beta\.kubernetes\.io/os"=linux --set defaultBackend.nodeSelector."beta\.kubernetes\.io/os"=linux --set controller.service.httpPort.enable=false --set controller.service.httpsPort.enable=false

回答1:


Based to the following error:

The Service "nginx-ingress-controller" is invalid: spec.ports: Invalid value:
 []core.ServicePort
{core.ServicePort{Name:"proxied-udp-30001", Protocol:"UDP", Port:30001, TargetPort:intstr.IntOrString {Type:0, IntVal:30001, StrVal:""}, NodePort:0}, 

core.ServicePort{Name:"proxied-udp-30002", Protocol:"UDP", 
Port:30002, TargetPort:intstr.IntOrString{Type:0, IntVal:30002, StrVal:""}, 
NodePort:0}, 

core.ServicePort{Name:"http", Protocol:"TCP", Port:80, 
TargetPort:intstr.IntOrString{Type:1, IntVal:0, StrVal:"http"}, NodePort:32724},

core.ServicePort{Name:"https", Protocol:"TCP", Port:443, 
TargetPort:intstr.IntOrString{Type:1, IntVal:0, StrVal:"https"}, 
NodePort:30127}}:

The Error tell you exactly that you are trying to update the service with a mix match in PORT type.

cannot create an external load balancer with mix protocols

This is because the PATCH command will augment the existing service with the added configuration.(in your case 2 new exposed UDP port) on top of the existing configuration (2 TCP port)

The best way to convert from TCP to UDP would be to reuse the name port names (http and https) this will allow the PATCH command to merge the dictionary entries together, replacing the TCP and pour 80/443 with your UDP port settings.

If you are actually looking at supporting both UDP/TCP, you will need to change the ServiceType to ClusterIP since the LoadBalancer type doesn't support having a mismatch of protocol for a single Public IP (Azure LoadBalancer FrontEnd IP)




回答2:


Looking at the error, it looks like patch is not able to correctly merge the manifest files since that is evident from TCP port being mentioned in error which is missing from manifest file shared. Can you try applying the manifest file directly instead of using patch?



来源:https://stackoverflow.com/questions/61763437/getting-nginx-ingress-to-use-udp-in-azure

标签
azure
kubernetes-ingress
nginx-ingress
azure-aks
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!