TCP Routing Kubernetes API does not expose service outside K8S cluster


I have two Kubernetes Services called simple and simple-replicas that both listen for TCP traffic on port 5432. I want to expose them outside a K8S cluster with the Envoy Proxy Gateway API implementation using TCP routing.

I’ve installed the Experimental Channel Manifest of Kubernetes

https://gateway-api.sigs.k8s.io/guides/#install-experimental-channel

I installed the Gateway API CRDs and Envoy Gateway

https://gateway.envoyproxy.io/v1.0.1/tasks/quickstart/#installation

I installed MetalLB

https://metallb.universe.tf/installation/#installation-with-helm

I installed the GatewayClass and Gateway

https://gateway.envoyproxy.io/v1.0.1/tasks/traffic/tcp-routing/#configuration

and finally the two TCP Routes.

This is the YAML code I used to create the resources above (the rest is installed with Helm):

cat << 'EOF' | kubectl create -f -
apiVersion: stackgres.io/v1
kind: SGCluster
metadata:
  name: simple
spec:
  instances: 1
  postgres:
    version: 'latest'
  pods:
    persistentVolume: 
      size: '5Gi'
EOF


cat <<EOF | kubectl apply -f -
kind: GatewayClass
apiVersion: gateway.networking.k8s.io/v1
metadata:
  name: eg
spec:
  controllerName: gateway.envoyproxy.io/gatewayclass-controller
---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: tcp-gateway
spec:
  gatewayClassName: eg
  listeners:
  - name: simple
    protocol: TCP
    port: 8088
    allowedRoutes:
      kinds:
      - kind: TCPRoute
  - name: simple-replicas
    protocol: TCP
    port: 8089
    allowedRoutes:
      kinds:
      - kind: TCPRoute
EOF

cat <<EOF | kubectl apply -f -
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: TCPRoute
metadata:
  name: tcp-app-1
spec:
  parentRefs:
  - name: tcp-gateway
    sectionName: simple
  rules:
  - backendRefs:
    - name: simple
      port: 5432
---
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: TCPRoute
metadata:
  name: tcp-app-2
spec:
  parentRefs:
  - name: tcp-gateway
    sectionName: simple-replicas
  rules:
  - backendRefs:
    - name: simple-replicas
      port: 5432
EOF

cat << EOF | kubectl create -f -
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: first-pool
  namespace: default
spec:
  addresses:
  - 192.168.1.0/24
EOF

The first thing I don’t understand is when I create IPAddressPool the address chosen is 192.168.1.0 among the available ones.

Then I try to connect with TCP to 192.168.1.0 on port 5432 but the connection attempt is dropped after a few seconds.

What am I missing?
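
An added example, not part of the original post: a stdlib-only Python check over the values in the manifests above, mapping each Gateway listener port to the backend its TCPRoute selects and testing the attempted connection to 192.168.1.0:5432 against that map and the pool CIDR. The function names and the dict layout are assumptions made for this illustration.

```python
import ipaddress

# Values copied from the manifests in the post above.
GATEWAY_LISTENERS = [
    {"name": "simple", "protocol": "TCP", "port": 8088},
    {"name": "simple-replicas", "protocol": "TCP", "port": 8089},
]
TCP_ROUTES = [
    {"name": "tcp-app-1", "sectionName": "simple", "backend": ("simple", 5432)},
    {"name": "tcp-app-2", "sectionName": "simple-replicas",
     "backend": ("simple-replicas", 5432)},
]
POOL_CIDR = "192.168.1.0/24"


def exposure_map(listeners, routes):
    """Map each external listener port to the (service, port) its TCPRoute selects."""
    by_section = {r["sectionName"]: r["backend"] for r in routes}
    return {l["port"]: by_section.get(l["name"]) for l in listeners}


def check_target(ip, port, listeners, routes, pool_cidr):
    """Return findings on why a client connection to ip:port matches no exposed listener."""
    findings = []
    exposed = exposure_map(listeners, routes)
    net = ipaddress.ip_network(pool_cidr)
    addr = ipaddress.ip_address(ip)
    if addr not in net:
        findings.append(f"{ip} is outside pool {pool_cidr}")
    elif addr in (net.network_address, net.broadcast_address):
        # A pool written as a CIDR covers every address in it, including .0 and .255.
        findings.append(f"{ip} is the network/broadcast address of {pool_cidr}")
    if port not in exposed:
        backend_ports = {b[1] for b in exposed.values() if b}
        hint = " (it is a backendRefs port, not a listener port)" if port in backend_ports else ""
        findings.append(
            f"no Gateway listener on port {port}{hint}; listeners: {sorted(exposed)}")
    elif exposed[port] is None:
        findings.append(f"listener on port {port} has no TCPRoute attached")
    return findings


if __name__ == "__main__":
    for finding in check_target("192.168.1.0", 5432,
                                GATEWAY_LISTENERS, TCP_ROUTES, POOL_CIDR):
        print("-", finding)
```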
