yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
71d5c814e7cd147ecf1616dcdb847abdd12996f9
doc-exports/docs/cce/umn/cce_10_0937.html
qiujiandong1 71d5c814e7 CCE UMN 20250311 version 
Reviewed-by: Eotvos, Oliver <oliver.eotvos@t-systems.com>
Co-authored-by: qiujiandong1 <qiujiandong1@huawei.com>
Co-committed-by: qiujiandong1 <qiujiandong1@huawei.com>
2025-06-16 14:58:53 +00:00

76 lines
7.6 KiB
HTML
Raw Blame History

<a name="cce_10_0937"></a><a name="cce_10_0937"></a>
<h1 class="topictitle1">Configuring a Range of Listening Ports for a LoadBalancer Ingress</h1>
<div id="body0000002076244909"><p id="cce_10_0937__p0524271926">Ingress allows you to customize listening ports. You can configure both HTTP and HTTPS listeners for a Service. For example, a Service can make available both HTTP port 80 and HTTPS port 443 for external access.</p>
<div class="section" id="cce_10_0937__section569611318180"><h4 class="sectiontitle">Prerequisites</h4><ul id="cce_10_0937__ul11453637191613"><li id="cce_10_0937__li1193592633115">A CCE standard or Turbo cluster is available, and the cluster version meets the following requirements:<ul id="cce_10_0937__ul62201752154212"><li id="cce_10_0937__li1434132714436">v1.23: v1.23.14-r0 or later</li><li id="cce_10_0937__li1043452711434">v1.25: v1.25.9-r0 or later</li><li id="cce_10_0937__li18434427114315">v1.27: v1.27.6-r0 or later</li><li id="cce_10_0937__li5434162717437">v1.28: v1.28.4-r0 or later</li><li id="cce_10_0937__en-us_topic_0000001629730033_li194601627112417">Other clusters of later versions</li></ul>
</li><li id="cce_10_0937__li1578113511562">An available workload has been deployed in the cluster for external access. If no workload is available, deploy a workload by referring to <a href="cce_10_0047.html">Creating a Deployment</a>, <a href="cce_10_0048.html">Creating a StatefulSet</a>, or <a href="cce_10_0216.html">Creating a DaemonSet</a>.</li><li id="cce_10_0937__li79178855112">A Service for external access has been configured for the workload. <a href="cce_10_0094.html#cce_10_0094__section3565202819276">Services Supported by LoadBalancer Ingresses</a> lists the Service types supported by LoadBalancer ingresses.</li></ul>
</div>
<div class="section" id="cce_10_0937__section1119665592816"><h4 class="sectiontitle">Notes and Constraints</h4><p id="cce_10_0937__p19341138114411">Multiple listening ports can be configured for an ingress only when a dedicated load balancer is used.</p>
</div>
<div class="section" id="cce_10_0937__section11493111062611"><h4 class="sectiontitle">Using kubectl</h4><ol id="cce_10_0937__ol18588159121215"><li id="cce_10_0937__li5499103219119"><span>Use kubectl to access the cluster. For details, see <a href="cce_10_0107.html">Accessing a Cluster Using kubectl</a>.</span></li><li id="cce_10_0937__li128720461410"><span>Create a YAML file named <strong id="cce_10_0937__b42772416311556">ingress-test.yaml</strong>. The file name can be customized.</span><p><pre class="screen" id="cce_10_0937__screen143504917248">vi ingress-test.yaml</pre>
<p id="cce_10_0937__p46338543340">The following shows an example configuration using an existing load balancer:</p>
<pre class="screen" id="cce_10_0937__screen19438556358">apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/elb.id: <i><span class="varname" id="cce_10_0937__varname19776184264113">2c623150-17bf-45f1-ae6f-384b036f547e</span></i> # ID of an existing load balancer
kubernetes.io/elb.class: performance # Load balancer type
kubernetes.io/elb.listen-ports: <i><span class="varname" id="cce_10_0937__varname1644211468411">'[{"HTTP": 80},{"HTTPS": 443}]'</span></i> # Multi-listener configuration
kubernetes.io/elb.tls-certificate-ids: <i><span class="varname" id="cce_10_0937__varname18661135274118">6cfb43c9de1a41a18478b868e34b0a82,6cfb43c9de1a41a18478b868e34b0a82</span></i> # HTTPS certificate configuration
name: ingress-test
namespace: default
spec:
ingressClassName: cce
rules:
- host: example.com
http:
paths:
- backend:
service:
name: test
port:
number: 8888
path: /
pathType: ImplementationSpecific
property:
ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH</pre>
<p id="cce_10_0937__p9253114165719"></p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="cce_10_0937__table18741145514363" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Annotations for custom listening ports</caption><thead align="left"><tr id="cce_10_0937__row874195519361"><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.2.2.2.5.2.4.1.1"><p id="cce_10_0937__p1074118558362">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="11%" id="mcps1.3.4.2.2.2.5.2.4.1.2"><p id="cce_10_0937__p1274111555366">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="69%" id="mcps1.3.4.2.2.2.5.2.4.1.3"><p id="cce_10_0937__p2741255153615">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="cce_10_0937__row4741755113619"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.2.2.2.5.2.4.1.1 "><p id="cce_10_0937__p1968613143718">kubernetes.io/elb.listen-ports</p>
</td>
<td class="cellrowborder" valign="top" width="11%" headers="mcps1.3.4.2.2.2.5.2.4.1.2 "><p id="cce_10_0937__p13742175553611">String</p>
</td>
<td class="cellrowborder" valign="top" width="69%" headers="mcps1.3.4.2.2.2.5.2.4.1.3 "><p id="cce_10_0937__p178380126474">Configure multiple listening ports for an ingress. The port number ranges from 1 to 65535.</p>
<p id="cce_10_0937__p536942216542">The following is an example for JSON characters:</p>
<pre class="screen" id="cce_10_0937__screen157135616532">kubernetes.io/elb.listen-ports: '[{"HTTP":80},{"HTTPS":443}]'</pre>
<ul id="cce_10_0937__ul194671817194711"><li id="cce_10_0937__li14393192244714">Only the listening ports that comply with both HTTP and HTTPS are allowed.</li><li id="cce_10_0937__li838275074712">This function is available only for newly created ingresses in clusters of a version earlier than v1.23.18-r10, v1.25.16-r0, v1.27.16-r0, v1.28.13-r0, v1.29.8-r0, or v1.30.4-r0. Additionally, after you configure multiple listening ports, the annotations cannot be modified or deleted. In clusters of v1.23.18-r10, v1.25.16-r0, v1.27.16-r0, v1.28.13-r0, v1.29.8-r0, v1.30.4-r0, or later, the annotations can be modified and deleted.</li><li id="cce_10_0937__li1852621114517">If both <strong id="cce_10_0937__b159621934114219">kubernetes.io/elb.listen-ports</strong> and <strong id="cce_10_0937__b179621734154212">kubernetes.io/elb.port</strong> are configured, <strong id="cce_10_0937__b2962153413429">kubernetes.io/elb.listen-ports</strong> takes a higher priority.</li><li id="cce_10_0937__li7881131310456">Ingress configuration items such as the blocklist, trustlist, and timeout concurrently take effect on multiple listening ports. When HTTP/2 is enabled for an ingress, HTTP/2 takes effect only on the HTTPS port.</li></ul>
</td>
</tr>
</tbody>
</table>
</div>
</p></li><li id="cce_10_0937__li13420131462418"><span>Create an ingress.</span><p><pre class="screen" id="cce_10_0937__screen19744568245">kubectl create -f ingress-test.yaml</pre>
<p id="cce_10_0937__p5420131416240">If information similar to the following is displayed, the ingress has been created:</p>
<pre class="screen" id="cce_10_0937__screen1742018145243">ingress/ingress-test created</pre>
</p></li><li id="cce_10_0937__li17235910124"><span>Check the created ingress.</span><p><pre class="screen" id="cce_10_0937__screen175131737254">kubectl get ingress</pre>
<p id="cce_10_0937__p224315113121">If information similar to the following is displayed, the ingress has been created:</p>
<pre class="screen" id="cce_10_0937__screen135291174384">NAME CLASS HOSTS ADDRESS PORTS AGE
ingress-test cce example.com 121.**.**.** 80,443 10s</pre>
</p></li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="cce_10_0935.html">Advanced Setting Examples of LoadBalancer Ingresses</a></div>
</div>
</div>
View Git Blame Copy Permalink