Skip to content

Kubernetes - add TCP service via haproxy

Edit haproxy-ingress tcp service

kubectl -n ingress-controller edit service haproxy-ingress

## [ ... ]
  - name: port-17
    nodePort: 32586
    port: 4506
    protocol: TCP
    targetPort: 4506
  - name: port-18
    nodePort: 32582
    port: 22
    protocol: TCP
    targetPort: 4522
## [ ... ]

Edit haproxy tcp configmap

kubectl -n ingress-controller edit configmaps haproxy-ingress-tcp

data:
  [ ... ]
  "4506": default/saltmaster-service:4506
  "4522": default/saltmaster-service:4522
  [ ... ]

The configmap must match with the service in the specified namespace (default here)

kubectl get service saltmaster-service
NAME                 TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
saltmaster-service   ClusterIP   10.110.124.216   <none>        4505/TCP,4506/TCP,4522/TCP   28m

Service definition

# service.yml
apiVersion: v1
kind: Service
metadata:
  name: saltmaster-service
  labels:
    app: saltmaster
spec:
  selector:
    app: saltmaster
  ports:
    - name: saltmaster-4505
      protocol: TCP
      port: 4505
      targetPort: 4505
    - name: saltmaster-4506
      protocol: TCP
      port: 4506
      targetPort: 4506
    - name: saltmaster-22
      protocol: TCP
      port: 4522
      targetPort: 22
  type: ClusterIP

It is important that the service spec selector matches the app defined in the deployment config:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: saltmaster
spec:
  selector:
    matchLabels:
      app: saltmaster
[ ... ]

Check everything works

  1. Telnet to the service port described in the nodePort
  2. Check via haproxy stats: http://192.168.0.30:32546/