Using custom ports for nginx ingress in k8s

Question

I have multiple services running on port 80.

I am now deploying another service which runs on port 3310 (virus scanner), if I try to use nginx I don't seem to be able to get the ports working correctly. I read somewhere that nginx only works for the standard ports.

So I've gone down the route of using a load balancer service. This works perfectly, but with the added cost of an additional IP address etc.

Is there anyway of continuing to use the nginx ingress for this non standard port? And hence removing the need for the additional external access to the cluster?

Answer 1

If the virus scanner on port 3310 accepts HTTP/HTTPS connections, then you can use an ingress controller. Ingress resources will accept incoming traffic on ports 80 and 443 only. You will need expose that service with to either a different hostname or path to identify which requests to send to your antivirus service.

If you require TCP/UDP connections to the service, you can create a ConfigMap which is read by nginx ingress controller. You will need to pass the parameter --tcp-services-configmap to the nginx ingress controller on startup (via container args in the ingress controller Deployment resource).

Given this sample ingress controller Deployment resource, you would add the parameter --tcp-service-configmap=default/tcp-controller-configmap to the end of the file as another element in the args list.

The ConfigMap would look something like this:

apiVersion: v1
kind: ConfigMap
metadata:
    name: tcp-controller-configmap
    namespace: default
data:
    3310: "default/name-of-your-av-service:3310"

Answer 2

You could access your virus scanner via a NodePort Service. Your should already have external IP addresses assigned to your Nodes, so no extra costs.

You are right about Ingress entities only making port 80 and 442 externally available. As per the K8s Documentation they seem to be designed that way.