Configuring ingress cluster traffic for a service external IP

• Prerequisites
• Attaching an ExternalIP to a service
• Additional resources

You can attach an external IP address to a service so that it is available to traffic outside the cluster. This is generally useful only for a cluster installed on bare metal hardware. The external network infrastructure must be configured correctly to route traffic to the service.

Prerequisites

• Your cluster is configured with ExternalIPs enabled. For more information, read Configuring ExternalIPs for services.

Attaching an ExternalIP to a service

You can attach an ExternalIP to a service. If your cluster is configured to allocate an ExternalIP automatically, you might not need to manually attach an ExternalIP to the service.

Procedure

1. Optional: To confirm what IP address ranges are configured for use with ExternalIP, enter the following command:

   $ oc get networks.config cluster -o jsonpath='{.spec.externalIP}{"\n"}'

   If autoAssignCIDRs is set, OKD automatically assigns an ExternalIP to a new Service object if the spec.externalIPs field is not specified.

2. Attach an ExternalIP to the service.

   1. If you are creating a new service, specify the spec.externalIPs field and provide an array of one or more valid IP addresses. For example:

      apiVersion: v1
      kind: Service
      metadata:
        name: svc-with-externalip
      spec:
        ...
        externalIPs:
        - 192.174.120.10

   2. If you are attaching an ExternalIP to an existing service, enter the following command. Replace <name> with the service name. Replace <ip_address> with a valid ExternalIP address. You can provide multiple IP addresses separated by commas.

      $ oc patch svc <name> -p \
        '{
          "spec": {
            "externalIPs": [ "<ip_address>" ]
          }
        }'

      For example:

      $ oc patch svc mysql-55-rhel7 -p '{"spec":{"externalIPs":["192.174.120.10"]}}'

      Example output

      "mysql-55-rhel7" patched

3. To confirm that an ExternalIP address is attached to the service, enter the following command. If you specified an ExternalIP for a new service, you must create the service first.

   $ oc get svc

   Example output

   NAME               CLUSTER-IP      EXTERNAL-IP     PORT(S)    AGE
   mysql-55-rhel7     172.30.131.89   192.174.120.10  3306/TCP   13m

Additional resources

• Configuring ExternalIPs for services