
Can't send log into Graylog kubernetes


How to expose node port on ingress?

NAME                         TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)                                       AGE
logs-graylog                 NodePort    10.20.8.187   <none>        80:31300/TCP,12201:31301/UDP,1514:31302/TCP   5d3h
logs-graylog-elasticsearch   ClusterIP   None          <none>        9200/TCP,9300/TCP                             5d3h
logs-graylog-master          ClusterIP   None          <none>        9000/TCP                                      5d3h
logs-graylog-slave           ClusterIP   None          <none>        9000/TCP                                      5d3h
logs-mongodb-replicaset      ClusterIP   None          <none>        27017/TCP                                     5d3h

This is how my service looks, where there are some node ports. The Graylog web interface is exposed on port 80.

But I am not able to send logs on the URL. My Graylog web URL is https://logs.example.com

It's running on HTTPS; cert-manager is there on the Kubernetes ingress.

I am not able to send GELF UDP logs on the URL. Am I missing something to open a port from the ingress, or a UDP filter or something?

This is my ingress:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: logs-graylog-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
    certmanager.k8s.io/cluster-issuer: graylog
    nginx.ingress.kubernetes.io/ssl-redirect: "true"

spec:
  tls:
  - hosts:
    - logs.example.io
    secretName: graylog
  rules:
  - host: logs.example.io
    http:
      paths:
      - backend:
          serviceName: logs-graylog
          servicePort: 80
      - backend:
          serviceName: logs-graylog
          servicePort: 12201
      - backend:
          serviceName: logs-graylog
          servicePort: 31301

Service:

apiVersion: v1
kind: Service
metadata:

  labels:
    app: graylog
    chart: graylog-0.1.0
    component: graylog-service
    heritage: Tiller
    name: graylog
    release: logs
  name: logs-graylog

spec:
  clusterIP: 10.20.8.187
  externalTrafficPolicy: Cluster
  ports:
  - name: http
    nodePort: 31300
    port: 80
    protocol: TCP
    targetPort: 9000
  - name: udp-input
    nodePort: 31301
    port: 12201
    protocol: UDP
    targetPort: 12201
  - name: tcp-input
    nodePort: 31302
    port: 1514
    protocol: TCP
    targetPort: 1514
  selector:
    graylog: "true"
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

Solution

  • UDP services aren't normally exposed via an Ingress Controller like TCP HTTP(S) services are. I'm not sure any ingress controllers even support UDP, certainly not with 3 protocols combined in a single ingress definition.

    If the cluster is hosted on a cloud service, most support a Service with type LoadBalancer to map external connections into a cluster.

    apiVersion: v1
    kind: Service
    metadata:
      name: logs-direct-graylog
    spec:
      selector:
        graylog: "true"
      ports:
      - name: udp-input
        port: 12201
        protocol: UDP
        targetPort: 12201
      - name: tcp-input
        port: 1514
        protocol: TCP
        targetPort: 1514
      type: LoadBalancer
    

    If a service of type LoadBalancer is not available in your environment, you can use the NodePort service. The nodePorts you have defined will be available on the external IP of each of your nodes.

    A nodePort is not strictly required for the http port, as the nginx Ingress Controller takes care of that for you elsewhere in its own service.

    apiVersion: v1
    kind: Service
    metadata:
      name: logs-graylog
    spec:
      selector:
        graylog: "true"
      ports:
      - name: http
        port: 80
        protocol: TCP
        targetPort: 9000
    

    The ports other than 80 can be removed from your ingress definition.
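
To check the UDP path the answer describes, a minimal GELF 1.1 sender aimed at the `udp-input` nodePort rather than the ingress URL. This is an added example, not part of the original question or answer; `NODE_IP` is a placeholder and the helper names `build_gelf` and `send_gelf` are hypothetical.

```python
import json
import socket
import time
import zlib

# Assumptions for this example (not values from the page's cluster):
NODE_IP = "192.0.2.10"  # placeholder; use the external IP of any node
GELF_NODEPORT = 31301   # nodePort of the udp-input port shown in the question
MAX_DATAGRAM = 8192     # single-datagram limit chosen here; GELF chunking is not implemented


def build_gelf(short_message, host, level=6, **extra):
    """Return one zlib-compressed GELF 1.1 message ready to send as a UDP datagram."""
    if not short_message or not host:
        raise ValueError("GELF requires non-empty 'host' and 'short_message'")
    msg = {
        "version": "1.1",
        "host": host,
        "short_message": short_message,
        "timestamp": time.time(),
        "level": level,  # syslog severity, 6 = informational
    }
    for key, value in extra.items():
        if key == "id":
            raise ValueError("'_id' is a reserved GELF field name")
        msg["_" + key] = value  # additional fields carry an underscore prefix
    payload = zlib.compress(json.dumps(msg).encode("utf-8"))
    if len(payload) > MAX_DATAGRAM:
        raise ValueError("payload exceeds one datagram; chunking is not implemented")
    return payload


def send_gelf(payload, addr):
    """Send one datagram and return the byte count; UDP gives no delivery confirmation."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        return sock.sendto(payload, addr)


if __name__ == "__main__":
    data = build_gelf("nodeport test", "client-1", app="demo")
    sent = send_gelf(data, (NODE_IP, GELF_NODEPORT))
    print(f"sent {sent} bytes to {NODE_IP}:{GELF_NODEPORT}")
```

A successful `sendto` only means the datagram left the client, so confirm arrival by searching for the message in Graylog. GELF over UDP carries no authentication or encryption, so limit which sources can reach the nodePort with firewall rules or, on a LoadBalancer Service, `loadBalancerSourceRanges`.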