Can I use OpenShift built in Ingress operator to expose SMTP and IMAP services?
I can’t use NodePort Service as I have a cluster that is setup to not expose any public node IPs, all traffic goes through a single api node (very annoying but that’s the tooling I have to work with).
I can’t use routes as described here: Openshift route to accept SMTP requests
I found this but it is http based and uses routes under the covers: https://www.tutorialworks.com/openshift-ingress/
I have a docker mailserver running – SMTP send from within the cluster works fine.
What I want is an Ingress that exposes the SMTP/IMAP protocol services on standard SMTP/IMAP ports. I don’t need load balancing, HA, multiple host names, etc. For IMAP I don’t even need TLS (this is an internal test system).
Here’s what I have tried in my mailserver namespace that yields Couldn't connect to host, port: imap.mycluster.mycompany.com, 143;
from outside the cluster. Just trying to get IMAP working first.
apiVersion: v1
kind: Service
metadata:
name: mailserver-imap
labels:
app: mailserver
spec:
type: ClusterIP
selector:
app: mailserver
ports:
- name: imap
port: 143
targetPort: imap
protocol: TCP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: imap
spec:
defaultBackend:
service:
name: mailserver-imap
port:
number: 143
2
Answers
If you need direct TCP access to pods over anything other than the standard HTTP(S) ports, the recommended method is to expose the pod’s
Service
object as a LoadBalancer (this is the most robust option). So your service would look more likeAdditional resources:
Depending of your tolerance to using alpha/beta software, maybe you could be interested by the next generation of k8s ingress/route named
"Gateway API"
This next generation ingress API addresses most of the limitations of current ingress/routes/nodeports etc
Its is currently possible to deploy a
Gateway
implementation in OCP and use it, most current ingress controller have an implementation of the API. This includes HAProxy, nginx etc…Some pointers here: