search

projectcontour / contour

Contour is a Kubernetes ingress controller using Envoy proxy.
https://projectcontour.io
Apache License 2.0
3.7k stars 672 forks source link

TCP service exposing , is it possible with contour? #6646

Open dimashenkov opened 2 weeks ago

dimashenkov commented 2 weeks ago

Discussed in https://github.com/projectcontour/contour/discussions/6645

Originally posted by **dimashenkov** August 27, 2024 Is this enough to expose tcp service ? I have difficulties , traffic on 443 and 80 works but on port 4222 cant pass through ``` apiVersion: projectcontour.io/v1 kind: HTTPProxy metadata: name: nats-server-nats-blackpearl-dev-product-frankfurt-****-cloud namespace: blackpearl labels: argocd.argoproj.io/instance: nats-blackpearl-qa spec: ingressClassName: contour-private tcpproxy: healthCheckPolicy: healthyThresholdCount: 5 intervalSeconds: 5 timeoutSeconds: 2 unhealthyThresholdCount: 3 services: - name: nats-server port: 4222 virtualhost: fqdn: nats.blackpearl.dev.product.frankfurt.****.cloud tls: secretName: wildcard-tls ``` ``` kc get svc -n contour-private NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE contour-private ClusterIP 172.20.223.171 8001/TCP 5h55m contour-private-envoy LoadBalancer 172.20.236.186 a34aabb*********-020698b179c02278.elb.eu-central-1.amazonaws.com 80:31661/TCP,443:30803/TCP,4222:31010/TCP ``` ``` telnet a34*********79c02278.elb.eu-central-1.amazonaws.com 4222 Trying 10.2.11.1... telnet: connect to address 10.2.11.1: Connection refused Trying 10.2.46.242... telnet: connect to address 10.2.46.242: Connection refused Trying 10.2.24.156... telnet: connect to address 10.2.24.156: Connection refused telnet: Unable to connect to remote host ``` This Endpoints: 10.2.11.129:4222,10.2.11.50:4222,10.2.13.186:4222 + 13 more also give Connection refused ``` kc describe svc contour-private-envoy -n contour-private Name: contour-private-envoy Namespace: contour-private Labels: app.kubernetes.io/component=envoy app.kubernetes.io/instance=product-dev-02-contour-private app.kubernetes.io/managed-by=Helm app.kubernetes.io/name=contour-private argocd.argoproj.io/instance=product-dev-02-contour-private helm.sh/chart=contour-10.1.3 Annotations: service.beta.kubernetes.io/aws-load-balancer-internal: true service.beta.kubernetes.io/aws-load-balancer-subnets: subnet-0936f17847f1177e7, subnet-0e41fc50ea4bddaf5, subnet-0febea0039995e959 service.beta.kubernetes.io/aws-load-balancer-type: nlb Selector: app.kubernetes.io/component=envoy,app.kubernetes.io/instance=product-dev-02-contour-private,app.kubernetes.io/name=contour-private Type: LoadBalancer IP Family Policy: SingleStack IP Families: IPv4 IP: 172.20.236.186 IPs: 172.20.236.186 LoadBalancer Ingress: a34aabbf06a9345a********8b179c02278.elb.eu-central-1.amazonaws.com Port: http 80/TCP TargetPort: http/TCP NodePort: http 31661/TCP Endpoints: 10.2.11.129:8080,10.2.11.50:8080,10.2.13.186:8080 + 13 more... Port: https 443/TCP TargetPort: https/TCP NodePort: https 30803/TCP Endpoints: 10.2.11.129:8443,10.2.11.50:8443,10.2.13.186:8443 + 13 more... Port: nats 4222/TCP TargetPort: 4222/TCP NodePort: nats 31010/TCP Endpoints: 10.2.11.129:4222,10.2.11.50:4222,10.2.13.186:4222 + 13 more... Session Affinity: None External Traffic Policy: Local HealthCheck NodePort: 32479 Events: ```
github-actions[bot] commented 2 weeks ago

Hey @dimashenkov! Thanks for opening your first issue. We appreciate your contribution and welcome you to our community! We are glad to have you here and to have your input on Contour. You can also join us on our mailing list and in our channel in the Kubernetes Slack Workspace