Setting Up an NGINX Ingress Controller for TCP Traffic in GKE

Introduction

In Google Kubernetes Engine (GKE), you can use an NGINX ingress controller to manage TCP traffic routing to your services. This guide will walk you through the steps to set up an ingress controller that forwards TCP traffic based on port numbers, allowing you to avoid creating multiple LoadBalancer services.

Prerequisites

Ensure you have the following set up:

• A GKE cluster running.
• kubectl configured to interact with your cluster.
• An NGINX ingress controller installed in your cluster.

Step 1: Create a TCP Services ConfigMap

First, you need to define a ConfigMap that specifies how to route TCP traffic to your services. Below is an example configuration that routes traffic on port 9000 to a service named echo-service running on port 50000.

apiVersion: v1
kind: ConfigMap
metadata:
  name: tcp-services
  namespace: default
data:
  9000: "default/echo-service:50000"

Step 2: Configure the NGINX Ingress Service

Next, you will create a service for the NGINX ingress controller. This service will expose the ingress controller and define the ports it will listen on, including the TCP port for your application.

apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx
  namespace: default
  labels:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
spec:
  type: LoadBalancer
  ports:
    - name: http
      port: 80
      targetPort: 80
      protocol: TCP
    - name: https
      port: 443
      targetPort: 443
      protocol: TCP
    - name: proxied-tcp-9000
      port: 9000
      targetPort: 9000
      protocol: TCP
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx

Step 3: Deploy the ConfigMap and Service

Use the following command to apply the ConfigMap and service configuration:

kubectl apply -f <CONFIG_MAP_FILE_NAME>
kubectl apply -f <SERVICE_FILE_NAME>

Step 4: Testing the Setup

Once the configurations are applied, you can test the setup by running your TCP client. Replace <EXTERNAL-IP-OF-LOAD-BALANCER> with the external IP of your ingress service and use port 9000:

python client.py --host <EXTERNAL-IP-OF-LOAD-BALANCER> --port 9000

Troubleshooting

If you encounter a connection refused error, check the following:

• Ensure that the NGINX ingress controller is running and correctly configured.
• Verify that the service names and ports in your ConfigMap match those of your running services.
• Check the logs of the NGINX ingress controller for any errors that might indicate misconfiguration.

Conclusion

By following these steps, you can efficiently route TCP traffic to multiple services using a single NGINX ingress controller, simplifying your GKE service management.