ClusterIP service types are the default deployment configuration. By default, ClusterIP
service types are not exposed outside of the cluster. The method used to expose the services depends
on how the cluster has been installed and the surrounding network
infrastructure.
About this task
The following steps present an example configuration using a LoadBalancer ExternalIP service to
expose the ObjectServer services through the worker nodes. This example might not be applicable in
all cluster
environments.
To expose the ObjectServer ClusterIP services you can configure a LoadBalancer ExternalIP service
resource.
Procedure
- List IP addresses of worker nodes:
# oc get nodes --selector='node-role.kubernetes.io/worker' -o jsonpath="{.items[*].status.addresses[?(@.type=='InternalIP')].address}"
<Worker node 1 IP address>
<Worker node 2 IP address>
<Worker node 3 IP address>
. . .
- Configure LoadBalancer ExternalIP services to expose the proxy and primary and backup
ObjectServer services. Edit the following YAML by
replacing the externalIP array entries with those from your cluster:
apiVersion: v1
kind: Service
metadata:
name: <releasename>-proxy-externalip
spec:
ports:
- name: aggp-tds
port: 6001
- name: aggb-tds
port: 6002
externalTrafficPolicy: Cluster
externalIPs:
- <Worker node 1 IP address>
- <Worker node 2 IP address>
- <Worker node 3 IP address>
type: LoadBalancer
selector:
app.kubernetes.io/name: proxy
---
apiVersion: v1
kind: Service
metadata:
name: <releasename>-ncoprimary-externalip
spec:
ports:
- name: aggp-tds
port: 4100
- name: aggp-iduc
port: 4101
externalTrafficPolicy: Cluster
externalIPs:
- <Worker node 1 IP address>
- <Worker node 2 IP address>
- <Worker node 3 IP address>
type: LoadBalancer
selector:
app.kubernetes.io/name: ncoprimary
---
apiVersion: v1
kind: Service
metadata:
name: <releasename>-ncobackup-externalip
spec:
ports:
- name: aggb-tds
port: 4102
targetPort: 4100
- name: aggb-iduc
port: 4103
externalTrafficPolicy: Cluster
externalIPs:
- <Worker node 1 IP address>
- <Worker node 2 IP address>
- <Worker node 3 IP address>
type: LoadBalancer
selector:
app.kubernetes.io/name: ncobackup
Note: It is not necessary to specify all worker nodes in the externalIPs array. A single node or a
subset of nodes is enough. The iptables rules and kube-proxy on the worker node will forward traffic
to the relevant pod on whichever node it resides.
Once the LoadBalancer service is created, the proxy and ObjectServer Insert Delete Update Control
(IDUC) services will be available through the worker node IP address defined in the ExternalIPs
array.
- Edit the NOI operator custom resource to use port 4103 for
IDUC.
helmValuesNOI:
ncobackup.objserv.internal.iducPort: 4103
After the LoadBalancer service is created, the proxy and ObjectServer services will be available
through the worker node IP address that is defined in the ExternalIPs array.
- Edit the
<releasename>-objserv-agg-backup
service
to use port 4103 for IDUC.
spec:
- name: backup-iduc-port
port: 4103
protocol: TCP
targetPort: 4103
- Check connectivity from outside the cluster by using the worker node IP address and port
number. For example, to test the connection to the primary ObjectServer, run the following
command:
# netcat -v <API node IP address> 4101 6001 6002
Where
<API node IP address> is the IP address of the API node, for example
noi.apps.xyz.com
.