Nodeport service connection issue
Learn how to connect to the ObjectServer from outside a cluster using the NodePort service.
Problem
There is an issue with the IDUC port that causes problems for IDUC client connections from on-premises deployments.
Resolution
To resolve this issue, create a default NOI deployment with ClusterIP services and run the
following script to create the required NodePort
services:
# Edit the following env vars to suit your deployment
RELEASE_NAME=evtmanager
PRIMARY_TDS_NODEPORT=30000
PRIMARY_IDUC_NODEPORT=30001
BACKUP_TDS_NODEPORT=30002
BACKUP_IDUC_NODEPORT=30003
PRIMARY_PROXY_PORT=30004
BACKUP_PROXY_PORT=30005
cat << EOF | oc create -f -
apiVersion: v1
kind: Service
metadata:
name: ${RELEASE_NAME}-ncoprimary-nodeport
spec:
selector:
app.kubernetes.io/name: ncoprimary
app.kubernetes.io/instance: ${RELEASE_NAME}
type: NodePort
ports:
- name: primary-tds-port
protocol: TCP
port: 4100
nodePort: ${PRIMARY_TDS_NODEPORT}
- name: primary-iduc-port
protocol: TCP
port: ${PRIMARY_IDUC_NODEPORT}
nodePort: ${PRIMARY_IDUC_NODEPORT}
---
apiVersion: v1
kind: Service
metadata:
name: ${RELEASE_NAME}-ncobackup-nodeport
spec:
selector:
app.kubernetes.io/name: ncobackup
app.kubernetes.io/instance: ${RELEASE_NAME}
type: NodePort
ports:
- name: backup-tds-port
protocol: TCP
port: 4100
nodePort: ${BACKUP_TDS_NODEPORT}
- name: backup-iduc-port
protocol: TCP
port: ${BACKUP_IDUC_NODEPORT}
nodePort: ${BACKUP_IDUC_NODEPORT}
---
apiVersion: v1
kind: Service
metadata:
annotations:
service.alpha.openshift.io/serving-cert-secret-name: ${RELEASE_NAME}-proxy-tls-secret
name: ${RELEASE_NAME}-proxy-nodeport
spec:
selector:
app.kubernetes.io/name: proxy
app.kubernetes.io/instance: ${RELEASE_NAME}
type: NodePort
ports:
- name: aggp-proxy-port
protocol: TCP
port: 6001
nodePort: ${PRIMARY_PROXY_PORT}
- name: aggb-proxy-port
protocol: TCP
port: 6002
nodePort: ${BACKUP_PROXY_PORT}
EOF
# The following commands will patch the primary and backup statefulsets causing both pods to terminate and restart
oc set env sts/${RELEASE_NAME}-ncoprimary NCO_IDUC_LISTENING_HOSTNAME=${RELEASE_NAME}-ncoprimary-nodeport
oc set env sts/${RELEASE_NAME}-ncoprimary NCO_IDUC_LISTENING_PORT=${PRIMARY_IDUC_NODEPORT}
oc set env sts/${RELEASE_NAME}-ncobackup -c ncobackup-agg-b NCO_IDUC_LISTENING_HOSTNAME=${RELEASE_NAME}-ncobackup-nodeport
oc set env sts/${RELEASE_NAME}-ncobackup -c ncobackup-agg-b NCO_IDUC_LISTENING_PORT=${BACKUP_IDUC_NODEPORT}
The script creates the NodePort services and modifies the ObjectServer statefulsets to work
with NodePorts