[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Can I run a NON-HTTP UDP based application on Openshift V3



Hi Fernando,

Thanks for your time and detailed answer. Even I was thinking of the possibility of port forwarding.
Currently, I am trying on All in one Vagrant VM and later I'll deploy OS Origin on OpenStack. Everything is under our control so I guess we won't have port conflicts if somehow we managed to change the nodeport to lower value.

Anyways, before asking further questions I should better try it but, unfortunately, I am still stuck at the very simple issue of routing my request from host to the pods in Vagrant. I'll ask a separate question for this, please have a look :).

Thanks again.

Thanks & Regards,
Suryaveer Singh Chauhan

On 24 November 2015 at 06:57, Fernando Lozano <flozano redhat com> wrote:
Hi Suryaveer,


I want to confirm something about ports in spec:NodePort. It is written that we have to give a nodeport within some range 30000-32000 (not exact range). What I understand for NodePort is that a port is Opened on a node where a pod is running and I'll access the my application using nodeIp:nodeport. ( I saw some tutorial videos)

My requirement is to expose port 5060 which is the standard port, can I achieve this using nodeport. 

Pardon me if I am asking some stupid questions, I am still trying to run a simple application using standard service but not able to hit it from outside the cluster, otherwise I would have tried the nodeport thing. I'll ask another question for the issue I mentioned.


I don't know if the allowed port range for NodePort services is configurable to allow lower TCP/UDP ports and I also do not know if OSE enforces the configured range. I suppose OSE cannot let a pod request any port because it could conflict with ports used by OSE node services like kubelet and the SDN. Another issue is that a NodePort service can conflict with other NodePort services.

This doesn't exactly answer your question, it is just so you know NodePort restrictions make sense. In a cloud environment you give up some fine-grained control that you'd have with bare metal servers or traditional virtual machines in exchange for easier deploying and management. If an application is not flexible enough to run with configuration changes it may not be possible to run it under OSE and other cloud platforms.

Isn't it possible to configure your application to use a different UDP port? I guess no, SIP is not very flexible. :-(

If that is the case, maybe you can run something outside OSE, for example at a firewall box, to redirect packets from port 5060 in it to whatever port you configure in your NodePort service. If you can guarantee using UDP port 5060 on your OSE nodes is safe you also have the option of configuring iptables rules to redirect packets.


[]s, Fernando Lozano



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]