Ingress tutorials

Load balance TCP services

On this page

The HAProxy Kubernetes Ingress Controller can load balance TCP services. It accomplishes this using a ConfigMap to define its TCP services.

Load balance TCP services Jump to heading

To configure the HAProxy Kubernetes Ingress Controller for load balancing TCP services, we will create a YAML file that contains a ConfigMap definition. We will name the file tcp-configmap.yaml.

  1. In this example, we set the ConfigMap’s name to tcp-configmap, but you can use any name. In the data section, add the ports that you will open on the ingress controller for receiving traffic, mapped to their associated backend services.

    tcp-configmap.yaml
    yaml
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: tcp-configmap
      namespace: haproxy-controller
    data:
      2000:
        default/example-service1:3000
      2001:
        mynamespace/example-service2:3001
    tcp-configmap.yaml
    yaml
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: tcp-configmap
      namespace: haproxy-controller
    data:
      2000:
        default/example-service1:3000
      2001:
        mynamespace/example-service2:3001

  2. Define your backend services as follows:

    • The service’s name should match the ConfigMap. For example, example-service1.
    • The protocol should be TCP.
    • The port should match the ConfigMap. For example, 3000.
    • The targetPort is your container port.
    yaml
    apiVersion: v1
    kind: Service
    metadata:
      name: example-service1
      namespace: default
     spec:
      selector:
        app: example-service1
      ports:
        - protocol: TCP
        - port: 3000
        - targetPort: 3000
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: example-service2
      namespace: mynamespace
     spec:
      selector:
        app: example-service2
      ports:
        - protocol: TCP
        - port: 3001
        - targetPort: 3001
    yaml
    apiVersion: v1
    kind: Service
    metadata:
      name: example-service1
      namespace: default
     spec:
      selector:
        app: example-service1
      ports:
        - protocol: TCP
        - port: 3000
        - targetPort: 3000
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: example-service2
      namespace: mynamespace
     spec:
      selector:
        app: example-service2
      ports:
        - protocol: TCP
        - port: 3001
        - targetPort: 3001

  3. Apply the ConfigMap and service(s) using kubectl apply -f.

    Example:

    nix
    kubectl apply -f tcp-configmap.yaml
    nix
    kubectl apply -f tcp-configmap.yaml
    output
    configmap/tcp-configmap created
    output
    configmap/tcp-configmap created

  4. Following the creation of your ConfigMap and service(s), you must edit the haproxy-kubernetes-ingress deployment and the haproxy-kubernetes-ingress service to configure the ingress controller to make connection to your service(s). Depending on whether you installed the ingress controller with Helm or Kubectl, you can edit these resources as follows:

    We will use the helm upgrade command to automatically update the haproxy-kubernetes-ingress deployment and service. We will provide a values file to the command using the -f option. This values file will specify an additional argument for the ingress controller deployment and it will configure our ports.

    1. Create a file named myvals.yaml and add the following:

      myvals.yaml
      yaml
      controller:
        name: controller
        service: 
          tcpPorts:
            - name: service-1
              port: 2000
              targetPort: 2000
              nodePort: 30000
              protocol: TCP
            - name: service-2
              port: 2001
              targetPort: 2001
              nodePort: 30001
              protocol: TCP
        extraArgs:
          - --configmap-tcp-services=haproxy-controller/tcp-configmap
      myvals.yaml
      yaml
      controller:
        name: controller
        service: 
          tcpPorts:
            - name: service-1
              port: 2000
              targetPort: 2000
              nodePort: 30000
              protocol: TCP
            - name: service-2
              port: 2001
              targetPort: 2001
              nodePort: 30001
              protocol: TCP
        extraArgs:
          - --configmap-tcp-services=haproxy-controller/tcp-configmap
      • For each TCP service, add an entry in tcpPorts.
        • Provide a name for the port. The name of the port cannot exceed 11 characters.
        • port is the port the ingress controller service will listen on.
        • targetPort is the port you defined in the ConfigMap.
        • Specify a nodePort. Valid NodePorts are in the 30000-32767 range.
        • Set protocol to TCP.
      • Add the --configmap-tcp-services to extraArgs and set it to the name of your ConfigMap (haproxy-controller/tcp-configmap in this example).

    2. Execute the helm upgrade command, providing the name of the YAML values file with -f:

      nix
      helm upgrade haproxy-kubernetes-ingress -f myvals.yaml haproxytech/kubernetes-ingress \
        --namespace haproxy-controller
      nix
      helm upgrade haproxy-kubernetes-ingress -f myvals.yaml haproxytech/kubernetes-ingress \
        --namespace haproxy-controller
      output
      Release "haproxy-kubernetes-ingress" has been upgraded. Happy Helming!
NAME: haproxy-kubernetes-ingress

[...]

Service ports mapped are:
  - name: http
    containerPort: 8080
    protocol: TCP
  - name: https
    containerPort: 8443
    protocol: TCP
  - name: stat
    containerPort: 1024
    protocol: TCP
  - name: quic
    containerPort: 8443
    protocol: UDP
  - name: service-1-tcp
    containerPort: 2000
    protocol: TCP
  - name: service-2-tcp
    containerPort: 2001
    protocol: TCP
      output
      Release "haproxy-kubernetes-ingress" has been upgraded. Happy Helming!
NAME: haproxy-kubernetes-ingress

[...]

Service ports mapped are:
  - name: http
    containerPort: 8080
    protocol: TCP
  - name: https
    containerPort: 8443
    protocol: TCP
  - name: stat
    containerPort: 1024
    protocol: TCP
  - name: quic
    containerPort: 8443
    protocol: UDP
  - name: service-1-tcp
    containerPort: 2000
    protocol: TCP
  - name: service-2-tcp
    containerPort: 2001
    protocol: TCP

      The tcpPorts we specified in the YAML myvals.yaml file are present in the output above. Note that to the ingress controller, the names of our ports have changed and have -tcp appended to the end of their names. This does not affect operation.

    1. To view/edit the haproxy-kubernetes-ingress deployment, call kubectl edit deployment. The command will open the deployment file in your configured editor:

      nix
      kubectl -n haproxy-controller edit deployment haproxy-kubernetes-ingress
      nix
      kubectl -n haproxy-controller edit deployment haproxy-kubernetes-ingress

      1. Add the --configmap-tcp-services argument in args and set the value to the name of your ConfigMap (haproxy-controller/tcp-configmap in this example).

        yaml
        spec:
          containers:
          - args:
            - --default-ssl-certificate=haproxy-controller/kubernetes-ingress-default-cert
            - --configmap=haproxy-controller/kubernetes-ingress
            - --http-bind-port=8080
            - --https-bind-port=8443
            - --ingress.class=haproxy
            - --publish-service=haproxy-controller/kubernetes-ingress
            - --log=info
            - --configmap-tcp-services=haproxy-controller/tcp-configmap
        [...]
        yaml
        spec:
          containers:
          - args:
            - --default-ssl-certificate=haproxy-controller/kubernetes-ingress-default-cert
            - --configmap=haproxy-controller/kubernetes-ingress
            - --http-bind-port=8080
            - --https-bind-port=8443
            - --ingress.class=haproxy
            - --publish-service=haproxy-controller/kubernetes-ingress
            - --log=info
            - --configmap-tcp-services=haproxy-controller/tcp-configmap
        [...]

      2. Save the changes and close the file. The display shows that the file was edited:

        output
        deployment.apps/haproxy-kubernetes-ingress edited
        output
        deployment.apps/haproxy-kubernetes-ingress edited

    2. To view/edit the haproxy-kubernetes-ingress service, call kubectl edit service. The command will open the service file in your configured editor:

      nix
      kubectl -n haproxy-controller edit svc haproxy-kubernetes-ingress
      nix
      kubectl -n haproxy-controller edit svc haproxy-kubernetes-ingress

      1. For each TCP service, add an entry in the ports section with the following:

        • Name the port. For example, example-service1.
        • Specify a nodePort. Valid NodePorts are in the 30000-32767 range.
        • Set the port to the port the ingress controller service will listen on. For example, 2000.
        • Set the protocol to TCP.
        • Set the targetPort to the port you defined in the ConfigMap. For example, 2000.
        yaml
        spec:
        [...]
          ports:
        [...]
          - name: example-service1
            nodePort: 30000
            port: 2000
            protocol: TCP
            targetPort: 2000
          - name: example-service2
            nodePort: 30001
            port: 2001
            protocol: TCP
            targetPort: 2001
        yaml
        spec:
        [...]
          ports:
        [...]
          - name: example-service1
            nodePort: 30000
            port: 2000
            protocol: TCP
            targetPort: 2000
          - name: example-service2
            nodePort: 30001
            port: 2001
            protocol: TCP
            targetPort: 2001

      2. Save the changes and close the file. The display shows that the file was edited:

        output
        service/haproxy-kubernetes-ingress edited
        output
        service/haproxy-kubernetes-ingress edited

    You can define your default editor by using the KUBE_EDITOR or EDITOR environment variables or, if neither are defined, vi is used for Linux or notepad for Windows.

You can connect to your TCP service through the load balancer on the port you specify as the nodePort.

TCP load balancing example #1 Jump to heading

In the following example, we will deploy a Pod running BusyBox and we will configure the ingress controller for load balancing traffic to it over TCP. BusyBox provides several Linux utilities and is useful for troubleshooting and testing. We will use an instance of BusyBox to run netcat (nc) which will listen for the incoming traffic.

Deploy resources Jump to heading

  1. To deploy an instance of BusyBox in your Kubernetes cluster, copy the following YAML and save it to a file named busybox.yaml:

    busybox.yaml
    yaml
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: busybox-deployment
      labels:
        app: busybox
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: busybox
      template:
        metadata:
          labels:
            app: busybox
        spec:
          containers:
          - name: busybox
            image: busybox
            command: ["sh", "-c", "while true; do nc -lk -p 5570; done"]
            ports:
            - containerPort: 5570
              protocol: TCP
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: busybox-service
    spec:
      selector:
        app: busybox
      ports:
        - protocol: TCP
          port: 5570
          targetPort: 5570
    ---
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: tcp-configmap
      namespace: haproxy-controller
    data:
      1980:
        default/busybox-service:5570
    busybox.yaml
    yaml
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: busybox-deployment
      labels:
        app: busybox
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: busybox
      template:
        metadata:
          labels:
            app: busybox
        spec:
          containers:
          - name: busybox
            image: busybox
            command: ["sh", "-c", "while true; do nc -lk -p 5570; done"]
            ports:
            - containerPort: 5570
              protocol: TCP
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: busybox-service
    spec:
      selector:
        app: busybox
      ports:
        - protocol: TCP
          port: 5570
          targetPort: 5570
    ---
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: tcp-configmap
      namespace: haproxy-controller
    data:
      1980:
        default/busybox-service:5570

    This YAML contains the definitions for:

    • A Deployment for BusyBox named busybox-deployment. We specify that we want to use the busybox image.
      • We specify a containerPort of 5570. We will run netcat on this port and connect to it through the load balancer.
      • The deployment includes a command that will run netcat (nc) listening on TCP port 5570.
    • A Service named busybox-service that will expose port 5570. Note that in the next steps, we will configure the ingress controller to connect to this port.
    • A ConfigMap named tcp-configmap. This provides the ingress controller with connection information. Note that this ConfigMap belongs to the haproxy-controller namespace (the namespace created when you installed the ingress controller), whereas the other BusyBox components belong to the default namespace. This ConfigMap specifies that the ingress controller will make connection to the service named busybox-service on port 5570. We will map port 1980 to a NodePort in our haproxy-kubernetes-ingress service.

  2. Apply the changes to create the resources:

    nix
    kubectl apply -f busybox.yaml
    nix
    kubectl apply -f busybox.yaml
    output
    deployment.apps/busybox-deployment created
service/busybox-service created
configmap/tcp-configmap created
    output
    deployment.apps/busybox-deployment created
service/busybox-service created
configmap/tcp-configmap created

Next we will configure the HAProxy Kubernetes Ingress Controller for load balancing traffic over TCP to our BusyBox instance running netcat.

Configure HAProxy Kubernetes Ingress Controller Jump to heading

To configure the ingress controller for load balancing TCP traffic to our BusyBox instance running netcat:

  1. Edit the haproxy-kubernetes-ingress deployment and the haproxy-kubernetes-ingress service to configure the ingress controller to make connection to the Service named busybox-service on port 5570. Depending on whether you installed the ingress controller with Helm or Kubectl, you can edit these resources as follows:

    We will use the helm upgrade command to automatically update the haproxy-kubernetes-ingress deployment and service. We will provide a values file to the command using the -f option. This values file will specify an additional argument for the ingress controller deployment and it will configure our ports.

    1. Create a file named myvals.yaml and add the following:

      myvals.yaml
      yaml
      controller:
        name: controller
        service: 
          tcpPorts:
            - name: busybox
              port: 1980
              targetPort: 1980
              nodePort: 30670
              protocol: TCP
        extraArgs:
          - --configmap-tcp-services=haproxy-controller/tcp-configmap
      myvals.yaml
      yaml
      controller:
        name: controller
        service: 
          tcpPorts:
            - name: busybox
              port: 1980
              targetPort: 1980
              nodePort: 30670
              protocol: TCP
        extraArgs:
          - --configmap-tcp-services=haproxy-controller/tcp-configmap

    2. Execute the helm upgrade command, providing the name of the YAML values file with -f:

      nix
      helm upgrade haproxy-kubernetes-ingress -f myvals.yaml haproxytech/kubernetes-ingress \
        --namespace haproxy-controller
      nix
      helm upgrade haproxy-kubernetes-ingress -f myvals.yaml haproxytech/kubernetes-ingress \
        --namespace haproxy-controller
      output
      Release "haproxy-kubernetes-ingress" has been upgraded. Happy Helming!
NAME: haproxy-kubernetes-ingress

[...]

Service ports mapped are:
  - name: http
    containerPort: 8080
    protocol: TCP
  - name: https
    containerPort: 8443
    protocol: TCP
  - name: stat
    containerPort: 1024
    protocol: TCP
  - name: quic
    containerPort: 8443
    protocol: UDP
  - name: busybox-tcp
    containerPort: 1980
    protocol: TCP
      output
      Release "haproxy-kubernetes-ingress" has been upgraded. Happy Helming!
NAME: haproxy-kubernetes-ingress

[...]

Service ports mapped are:
  - name: http
    containerPort: 8080
    protocol: TCP
  - name: https
    containerPort: 8443
    protocol: TCP
  - name: stat
    containerPort: 1024
    protocol: TCP
  - name: quic
    containerPort: 8443
    protocol: UDP
  - name: busybox-tcp
    containerPort: 1980
    protocol: TCP

    1. To view/edit the haproxy-kubernetes-ingress deployment, call kubectl edit deployment. The command will open the deployment file in your configured editor:

      nix
      kubectl -n haproxy-controller edit deployment haproxy-kubernetes-ingress
      nix
      kubectl -n haproxy-controller edit deployment haproxy-kubernetes-ingress

      1. Add the --configmap-tcp-services argument in args and set the value to the name of your ConfigMap (haproxy-controller/tcp-configmap).

        yaml
        spec:
          containers:
          - args:
            - --default-ssl-certificate=haproxy-controller/kubernetes-ingress-default-cert
            - --configmap=haproxy-controller/kubernetes-ingress
            - --http-bind-port=8080
            - --https-bind-port=8443
            - --ingress.class=haproxy
            - --publish-service=haproxy-controller/kubernetes-ingress
            - --log=info
            - --configmap-tcp-services=haproxy-controller/tcp-configmap
        [...]
        yaml
        spec:
          containers:
          - args:
            - --default-ssl-certificate=haproxy-controller/kubernetes-ingress-default-cert
            - --configmap=haproxy-controller/kubernetes-ingress
            - --http-bind-port=8080
            - --https-bind-port=8443
            - --ingress.class=haproxy
            - --publish-service=haproxy-controller/kubernetes-ingress
            - --log=info
            - --configmap-tcp-services=haproxy-controller/tcp-configmap
        [...]

      2. Save the changes and close the file. The display shows that the file was edited:

        output
        deployment.apps/haproxy-kubernetes-ingress edited
        output
        deployment.apps/haproxy-kubernetes-ingress edited

    2. To view/edit the haproxy-kubernetes-ingress service, call kubectl edit service. The command will open the service file in your configured editor:

      nix
      kubectl -n haproxy-controller edit svc haproxy-kubernetes-ingress
      nix
      kubectl -n haproxy-controller edit svc haproxy-kubernetes-ingress

      1. Add an entry in the ports section with the following:

        yaml
        - name: busybox
          port: 1980
          targetPort: 1980
          nodePort: 30670
          protocol: TCP
        yaml
        - name: busybox
          port: 1980
          targetPort: 1980
          nodePort: 30670
          protocol: TCP

      2. Save the changes and close the file. The display shows that the file was edited:

        output
        service/haproxy-kubernetes-ingress edited
        output
        service/haproxy-kubernetes-ingress edited

    You can define your default editor by using the KUBE_EDITOR or EDITOR environment variables or, if neither are defined, vi is used for Linux or notepad for Windows.

Test the connection through the load balancer (click to expand)

To test the connection to the BusyBox instance running netcat through the load balancer:

  1. Get the name of the BusyBox pod by calling kubectl get pod:

    nix
    kubectl get pod
    nix
    kubectl get pod
    Example output
    NAME                                  READY   STATUS    RESTARTS      AGE
busybox-deployment-6fbb645fd4-cfkwp   1/1     Running   0             12m
    Example output
    NAME                                  READY   STATUS    RESTARTS      AGE
busybox-deployment-6fbb645fd4-cfkwp   1/1     Running   0             12m

  2. Create a file named test_message.txt with the following text:

    text
    Test message
    text
    Test message

  3. From a server that has connection to your cluster, such as the server from which you run kubectl, use netcat to send the test message to the port you specified as the NodePort for your TCP service when you configured the ingress controller. In this example, the NodePort we specified was 30670.

    nix
    nc 127.0.0.1 30670 < test_message.txt 
    nix
    nc 127.0.0.1 30670 < test_message.txt

    There will be no output from this command.

  4. Check the logs of the BusyBox pod to confirm receipt of the message:

    nix
    kubectl logs busybox-deployment-6fbb645fd4-cfkwp
    nix
    kubectl logs busybox-deployment-6fbb645fd4-cfkwp
    output
    Test Message
    output
    Test Message

TCP load balancing example #2 Jump to heading

In the following example, we will load balance traffic to an external endpoint at ifconfig.info. This service displays your IP address.

Deploy resources Jump to heading

We will create a Service and then map an Endpoint to it at port 80.

  1. Copy the following YAML and save it to a file named ifconfig.yaml:

    ifconfig.yaml
    yaml
    apiVersion: v1
    kind: Service
    metadata:
      name: ifcservice
    spec:
      ports:
      - port: 80
        protocol: TCP
        name: http
    ---
    apiVersion: v1
    kind: Endpoints
    metadata:
      name: ifcservice
    subsets:
    - addresses:
      - ip: 104.21.4.246
      ports:
      - port: 80
        protocol: TCP
        name: http
    ---
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: tcp-configmap
      namespace: haproxy-controller
    data:
      1981:
        default/ifcservice:80
    ifconfig.yaml
    yaml
    apiVersion: v1
    kind: Service
    metadata:
      name: ifcservice
    spec:
      ports:
      - port: 80
        protocol: TCP
        name: http
    ---
    apiVersion: v1
    kind: Endpoints
    metadata:
      name: ifcservice
    subsets:
    - addresses:
      - ip: 104.21.4.246
      ports:
      - port: 80
        protocol: TCP
        name: http
    ---
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: tcp-configmap
      namespace: haproxy-controller
    data:
      1981:
        default/ifcservice:80

    This YAML contains the definitions for:

    • A Service named ifcservice that will expose port 80. Note that in the next steps, we will configure the ingress controller to connect to this port.
    • An Endpoint mapped to ifcservice. Note that this Endpoint must have the same name as the Service.
    • A ConfigMap named tcp-configmap. This provides the ingress controller with connection information. Note that this ConfigMap belongs to the haproxy-controller namespace (the namespace created when you installed the ingress controller), whereas the other components belong to the default namespace. This ConfigMap specifies that the ingress controller will make connection to the service named ifcservice on port 80. We will map port 1981 to a NodePort in our haproxy-kubernetes-ingress service.

  2. Apply the changes to create the resources:

    nix
    kubectl apply -f busybox.yaml
    nix
    kubectl apply -f busybox.yaml
    output
    service/ifcservice created
endpoints/ifcservice created
configmap/tcp-configmap created
    output
    service/ifcservice created
endpoints/ifcservice created
configmap/tcp-configmap created

Next we will configure the HAProxy Kubernetes Ingress Controller for load balancing traffic over TCP to the Endpoint.

Configure HAProxy Kubernetes Ingress Controller Jump to heading

To configure the ingress controller for load balancing TCP traffic to the external Endpoint:

  1. Edit the haproxy-kubernetes-ingress deployment and the haproxy-kubernetes-ingress service to configure the ingress controller to make connection to the Service named ifcservice on port 80. Depending on whether you installed the ingress controller with Helm or Kubectl, you can edit these resources as follows:

    We will use the helm upgrade command to automatically update the haproxy-kubernetes-ingress deployment and service. We will provide a values file to the command using the -f option. This values file will specify an additional argument for the ingress controller deployment and it will configure our ports.

    1. Create a file named myvals.yaml and add the following:

      myvals.yaml
      yaml
      controller:
        name: controller
        service: 
          tcpPorts:
            - name: ifconn
              port: 1981
              targetPort: 1981
              nodePort: 30681
              protocol: TCP
        extraArgs:
          - --configmap-tcp-services=haproxy-controller/tcp-configmap
      myvals.yaml
      yaml
      controller:
        name: controller
        service: 
          tcpPorts:
            - name: ifconn
              port: 1981
              targetPort: 1981
              nodePort: 30681
              protocol: TCP
        extraArgs:
          - --configmap-tcp-services=haproxy-controller/tcp-configmap

    2. Execute the helm upgrade command, providing the name of the YAML values file with -f:

      nix
      helm upgrade haproxy-kubernetes-ingress -f myvals.yaml haproxytech/kubernetes-ingress \
        --namespace haproxy-controller
      nix
      helm upgrade haproxy-kubernetes-ingress -f myvals.yaml haproxytech/kubernetes-ingress \
        --namespace haproxy-controller
      output
      Release "haproxy-kubernetes-ingress" has been upgraded. Happy Helming!
NAME: haproxy-kubernetes-ingress

[...]

Service ports mapped are:
  - name: http
    containerPort: 8080
    protocol: TCP
  - name: https
    containerPort: 8443
    protocol: TCP
  - name: stat
    containerPort: 1024
    protocol: TCP
  - name: quic
    containerPort: 8443
    protocol: UDP
  - name: ifconn-tcp
    containerPort: 1981
    protocol: TCP
      output
      Release "haproxy-kubernetes-ingress" has been upgraded. Happy Helming!
NAME: haproxy-kubernetes-ingress

[...]

Service ports mapped are:
  - name: http
    containerPort: 8080
    protocol: TCP
  - name: https
    containerPort: 8443
    protocol: TCP
  - name: stat
    containerPort: 1024
    protocol: TCP
  - name: quic
    containerPort: 8443
    protocol: UDP
  - name: ifconn-tcp
    containerPort: 1981
    protocol: TCP

    1. To view/edit the haproxy-kubernetes-ingress deployment, call kubectl edit deployment. The command will open the deployment file in your configured editor:

      nix
      kubectl -n haproxy-controller edit deployment haproxy-kubernetes-ingress
      nix
      kubectl -n haproxy-controller edit deployment haproxy-kubernetes-ingress

      1. Add the --configmap-tcp-services argument in args and set the value to the name of your ConfigMap (haproxy-controller/tcp-configmap).

        yaml
        spec:
          containers:
          - args:
            - --default-ssl-certificate=haproxy-controller/kubernetes-ingress-default-cert
            - --configmap=haproxy-controller/kubernetes-ingress
            - --http-bind-port=8080
            - --https-bind-port=8443
            - --ingress.class=haproxy
            - --publish-service=haproxy-controller/kubernetes-ingress
            - --log=info
            - --configmap-tcp-services=haproxy-controller/tcp-configmap
        [...]
        yaml
        spec:
          containers:
          - args:
            - --default-ssl-certificate=haproxy-controller/kubernetes-ingress-default-cert
            - --configmap=haproxy-controller/kubernetes-ingress
            - --http-bind-port=8080
            - --https-bind-port=8443
            - --ingress.class=haproxy
            - --publish-service=haproxy-controller/kubernetes-ingress
            - --log=info
            - --configmap-tcp-services=haproxy-controller/tcp-configmap
        [...]

      2. Save the changes and close the file. The display shows that the file was edited:

        output
        deployment.apps/haproxy-kubernetes-ingress edited
        output
        deployment.apps/haproxy-kubernetes-ingress edited

    2. To view/edit the haproxy-kubernetes-ingress service, call kubectl edit service. The command will open the service file in your configured editor:

      nix
      kubectl -n haproxy-controller edit svc haproxy-kubernetes-ingress
      nix
      kubectl -n haproxy-controller edit svc haproxy-kubernetes-ingress

      1. Add an entry in the ports section with the following:

        yaml
        - name: busybox
          port: 1981
          targetPort: 1981
          nodePort: 30681
          protocol: TCP
        yaml
        - name: busybox
          port: 1981
          targetPort: 1981
          nodePort: 30681
          protocol: TCP

      2. Save the changes and close the file. The display shows that the file was edited:

        output
        service/haproxy-kubernetes-ingress edited
        output
        service/haproxy-kubernetes-ingress edited

    You can define your default editor by using the KUBE_EDITOR or EDITOR environment variables or, if neither are defined, vi is used for Linux or notepad for Windows.

Test the connection through the load balancer (click to expand)

To test the connection to the external Endpoint through the load balancer:

  1. From a server that has connection to your cluster, such as the server from which you run kubectl, use curl to connect to the port you specified as the NodePort for your TCP service when you configured the ingress controller. In this example, the NodePort we specified was 30681.

    nix
    curl -H "host: ifconfig.info" 127.0.0.1:30681
    nix
    curl -H "host: ifconfig.info" 127.0.0.1:30681

    Your IP address should display.

    output
    172.31.35.253
    output
    172.31.35.253

Do you have any suggestions on how we can improve the content of this page?

Previous page Route HTTP traffic Next page Terminate SSL / TLS
© 2024 HAProxy Technologies, LLC. All Rights Reserved
Manage Cookie Preferences