DevOps

Guide to Configuring TCP Service Forwarding with Ingress-Nginx in Kubernetes

This guide provides detailed steps to configure TCP service exposure through Ingress-Nginx controller in Kubernetes, using MySQL service as a practical example.

This article was published 458 days ago, some content may be outdated. If you have any questions, please leave a comment.

This guide explains how to configure an Ingress-Nginx controller in a Kubernetes cluster to support TCP service forwarding, using MySQL service as an example.

Prerequisites

  • Kubernetes cluster installed
  • Ingress-Nginx controller deployed
  • Existing TCP service to expose (MySQL in this example)

Configuration Steps

Configure TCP Service Mapping

Create a tcp-services.yaml file to define TCP port mappings:

1
2
3
4
5
6
7
8

apiVersion: v1
kind: ConfigMap
metadata:
  name: tcp-services
  namespace: ingress-nginx
data:
  # Syntax: <external_port>: "<namespace>/<service_name>:<target_port>"
  3306: "default/mysql-primary:3306"

Apply configuration:

1

kubectl create -f tcp-services.yaml

If the ConfigMap already exists, edit directly:

1
2

kubectl edit configmap tcp-services -n ingress-nginx
# Add new mapping under data: <external_port>: "<namespace>/<service_name>:<port>"

Update Ingress Controller Configuration

Edit the Ingress-Nginx Controller Deployment:

1

kubectl edit deployment ingress-nginx-controller -n ingress-nginx

Add the following configuration to the controller’s args section:

1
2
3

args:
  # ... existing parameters ...
  - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services

Configuring Ingress Controller Service

Edit the Ingress-Nginx Controller Service:

1

kubectl edit service ingress-nginx-controller -n ingress-nginx

Add TCP service port configuration in the ports section:

1
2
3
4
5
6

ports:
  # ... Other existing port configurations ...
  - name: mysql-primary
    port: 3306
    protocol: TCP
    targetPort: 3306

Verification

After completing configurations, verify with following methods:

  1. Check ConfigMap creation:
1

kubectl get configmap tcp-services -n ingress-nginx -o yaml
  1. Confirm Ingress Controller status:
1

kubectl get pods -n ingress-nginx
  1. Verify port exposure:
1

kubectl get svc ingress-nginx-controller -n ingress-nginx

Notes

  • Ensure target services (e.g., MySQL) are properly running in the cluster
  • Check for port conflicts
  • Additional security group/firewall rule configurations may be required for cloud providers
© 2019 - 2026 Kang's Blog
Facing the sea with spring blossoms.
Built with Hugo
Theme Stack designed by Jimmy