Help Center/ Cloud Container Engine/ User Guide/ Network/ Ingresses/ LoadBalancer Ingresses/ Advanced Setting Examples of LoadBalancer Ingresses/ Configuring a Range of Listening Ports for a LoadBalancer Ingress
Updated on 2024-11-11 GMT+08:00
View PDF

Configuring a Range of Listening Ports for a LoadBalancer Ingress

Ingress allows you to customize listening ports. You can configure both HTTP and HTTPS listeners for a Service. For example, a Service can make available both HTTP port 80 and HTTPS port 443 for external access.

Prerequisites

  • A CCE standard cluster is available, and the cluster version meets the following requirements:
    • v1.23: v1.23.14-r0 or later
    • v1.25: v1.25.9-r0 or later
    • v1.27: v1.27.6-r0 or later
    • v1.28: v1.28.4-r0 or later
    • Other clusters of later versions
  • An available workload has been deployed in the cluster for external access. If no workload is available, deploy a workload by referring to Creating a Deployment, Creating a StatefulSet, or Creating a DaemonSet.
  • A Service for external access has been configured for the workload. Services Supported by LoadBalancer Ingresses lists the Service types supported by LoadBalancer ingresses.

Using kubectl

  1. Use kubectl to access the cluster. For details, see Connecting to a Cluster Using kubectl.
  2. Create a YAML file named ingress-test.yaml. The file name can be customized. 

    vi ingress-test.yaml

    The following shows an example configuration using an existing load balancer:

    apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/elb.id: 2c623150-17bf-45f1-ae6f-384b036f547e     # ID of an existing load balancer
    kubernetes.io/elb.class: performance    # Load balancer type
    kubernetes.io/elb.listen-ports: '[{"HTTP": 80},{"HTTPS": 443}]'    # Multi-listener configuration
    kubernetes.io/elb.tls-certificate-ids: 6cfb43c9de1a41a18478b868e34b0a82,6cfb43c9de1a41a18478b868e34b0a82   # HTTPS certificate configuration
  name: ingress-test
  namespace: default
spec:
  ingressClassName: cce
  rules:
  - host: example.com
    http:
      paths:
      - backend:
          service:
            name: test
            port:
              number: 8888
        path: /
        pathType: ImplementationSpecific
        property:
          ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH

    Table 1 Annotations for custom listening ports

    Parameter

    Type

    Description

    kubernetes.io/elb.listen-ports

    String

    Configure multiple listening ports for an ingress. The port number ranges from 1 to 65535.

    The following is an example for JSON characters:

    kubernetes.io/elb.listen-ports: '[{"HTTP":80},{"HTTPS":443}]'
    • Only the listening ports that comply with both HTTP and HTTPS are allowed.
    • This function is available only for newly created ingresses. Additionally, after you configure multiple listening ports, the annotations cannot be modified or deleted.
    • If both kubernetes.io/elb.listen-ports and kubernetes.io/elb.port are configured, kubernetes.io/elb.listen-ports takes a higher priority.
    • Ingress configuration items such as the blocklist, trustlist, and timeout concurrently take effect on multiple listening ports. When HTTP/2 is enabled for an ingress, HTTP/2 takes effect only on the HTTPS port.

  3. Create an ingress. 

    kubectl create -f ingress-test.yaml

    If information similar to the following is displayed, the ingress has been created:

    ingress/ingress-test created

  4. Check the created ingress. 

    kubectl get ingress

    If information similar to the following is displayed, the ingress has been created:

    NAME          CLASS    HOSTS           ADDRESS          PORTS   AGE
ingress-test  cce      example.com     121.**.**.**     80,443  10s

Parent Topic: Advanced Setting Examples of LoadBalancer Ingresses