How to expose non http(s) service (Redis, MySql) outside k8s|openshift cluster?
Image you deployed a redis in memory data structure server in your cluster. The redis server instance can be accessed no doubt for the pods within the cluster. What you should do if you want it be public accessed from outside.
OpenShift Container Platform provides multiple methods for communicating from outside the cluster with services running in the cluster.
The recommendation, in order or preference, is:
If you have HTTP/HTTPS, use a router.
If you have a TLS-encrypted protocol other than HTTPS (for example, TLS with the SNI header), use a router.
Otherwise, use a Load Balancer, an External IP, or a NodePort.
redis(s):// is not http(s)://
Since redis use TCP 6379 port by default, we cannot use a router to expose it or even use nginx reverse proxy to bypass the service. Because http protocol can't work with redis protocol.
use a Load Balancer, an External IP
both requires external IP pool. you need extra configuration for IP resources. If you are the cluster admin, you definitely can try any of these methods.
Lifesaver: NodePort
well, the third and last option, let't try use a NodePort. check below sample yaml and configure the NodePort service for your none http(s) TCP port service accordingly.
Remember use a port in range 30000~32767. I used 32123 in my case.
You should be able to access the service using the<NodeIP>:<NodePort>address.
Now your redis server is able to be accessed publicly from outside of the cluster where the pod deployed. Then question comes: How do you know the node ip?
Viewing and listing the nodes in your OpenShift Container Platform cluster
I give the openshift command:
oc get nodes -o wide
You can use the host name or external ip from any node in the cluster. Then you can test the connection from outside of your cluster via redis-cli
redis-cli -h <NodeIp> -p <NodePort> -a password
PS: use 32123 NodePort to connect rather 6379 the port that exposed by the redis service.
References: