This article explains how to configure multiple listeners in Kubernetes.
Multiple listeners allow clients to connect with different protocols and let you bind listeners to specific network interfaces. You can find more details about how multiple listeners are configured in HiveMQ.
This example configures the broker so that both TLS and non-TLS clients can connect to it via Kubernetes.
Instructions
Step 1:
Add two ports (TLS and non-TLS) via the values.yaml file.
Typically these are 1883 for plain TCP and 8883 for TLS-secured TCP.
ports:
  - name: "mqtt"
    port: 1883
    expose: true
    ...
  - name: "mqtt-tls"
    port: 8883
    ...
Step 2:
After adding these ports, the next step is to have one or more services expose those ports to the world.
You can do this in two ways:
1. Expose the ports directly by using the K8s operator patch. (You can export these configurations from the full values.yaml in our helm-chart repository.)
ports:
  - name: "mqtt"
    port: 1883
    expose: true
    patch:
      - '[{"op":"add","path":"/spec/selector/hivemq.com~1node-offline","value":"false"},{"op":"add","path":"/metadata/annotations","value":{"service.spec.externalTrafficPolicy":"Local"}}]'
      # If you want Kubernetes to expose the MQTT port to external traffic
      - '[{"op":"add","path":"/spec/type","value":"LoadBalancer"}]'
  - name: "mqtt-tls"
    port: 8883
    expose: true
    patch:
      - '[{"op":"add","path":"/spec/selector/hivemq.com~1node-offline","value":"false"},{"op":"add","path":"/metadata/annotations","value":{"service.spec.externalTrafficPolicy":"Local"}}]'
      # If you want Kubernetes to expose the MQTT port to external traffic
      - '[{"op":"add","path":"/spec/type","value":"LoadBalancer"}]'
This creates a separate service for each port, named as given in the configuration, i.e. mqtt and mqtt-tls.
2. Create a "regular" Service object to expose them instead of having the operator do it.
Set expose: false for the ports in values.yaml:
ports:
  - name: "mqtt"
    port: 1883
    expose: false
  - name: "mqtt-tls"
    port: 8883
    expose: false
Next, create a service to expose these ports. Add the following configuration to service.yaml:
apiVersion: v1
kind: Service
metadata:
  name: service-name
  labels:
    app: hivemq
    hivemq-cluster: my-cluster
spec:
  # Route traffic only to the HiveMQ pods of this cluster
  selector:
    app: hivemq
    hivemq-cluster: my-cluster
  ports:
    # Plain TCP listener
    - name: mqtt
      port: 1883
      targetPort: 1883
    # TLS-secured listener
    - name: mqtt-tls
      port: 8883
      targetPort: 8883
  type: LoadBalancer
Your cluster name is the one you used for the HiveMQ deployment when installing the helm chart.
For example:
helm upgrade --install -f values.yaml my-cluster hivemq/hivemq-operator
Here, my-cluster is the cluster name.
The next step is to apply this service manually, i.e.
kubectl apply -f service.yaml
You can also verify that the service is up and running by checking the logs.
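The operator patch strings in option 1 are RFC 6902 JSON Patch documents, where "~1" in a path stands for "/". The following is an added example, not part of the original article or the HiveMQ operator: it applies the article's two patches to a constructed Service object and reports any non-TLS port that ends up externally reachable. The base Service shape, the function names and the rule that only 8883 counts as TLS are assumptions made for illustration.

```python
import copy
import json

# The two patch strings from the article's values.yaml, verbatim.
PATCHES = [
    '[{"op":"add","path":"/spec/selector/hivemq.com~1node-offline","value":"false"},{"op":"add","path":"/metadata/annotations","value":{"service.spec.externalTrafficPolicy":"Local"}}]',
    '[{"op":"add","path":"/spec/type","value":"LoadBalancer"}]',
]

def unescape(token):
    # RFC 6901 pointer escaping: "~1" is "/", "~0" is "~" (decode in this order).
    return token.replace("~1", "/").replace("~0", "~")

def apply_add_ops(doc, patch_json):
    """Apply the 'add' operations of a JSON Patch to nested dicts (objects only)."""
    doc = copy.deepcopy(doc)
    for op in json.loads(patch_json):
        if op["op"] != "add":
            raise ValueError("only 'add' is handled in this example")
        *parents, leaf = [unescape(t) for t in op["path"].split("/")[1:]]
        target = doc
        for key in parents:
            target = target[key]      # a missing parent is an error, as in RFC 6902
        target[leaf] = op["value"]    # 'add' on an existing member replaces it
    return doc

def base_service(name, port):
    # Constructed stand-in for a Service before patching (assumed shape).
    return {"metadata": {"name": name, "annotations": {"example.invalid/owner": "demo"}},
            "spec": {"type": "ClusterIP", "selector": {"app": "hivemq"},
                     "ports": [{"name": name, "port": port}]}}

def patched_service(name, port):
    svc = base_service(name, port)
    for patch in PATCHES:
        svc = apply_add_ops(svc, patch)
    return svc

def external_plaintext_ports(svc, tls_ports=(8883,)):
    # Assumption: only the ports listed in tls_ports carry TLS, per the article.
    if svc["spec"]["type"] not in ("LoadBalancer", "NodePort"):
        return []
    return [p["port"] for p in svc["spec"]["ports"] if p["port"] not in tls_ports]

if __name__ == "__main__":
    for name, port in (("mqtt", 1883), ("mqtt-tls", 8883)):
        svc = patched_service(name, port)
        print(name, svc["spec"]["selector"], external_plaintext_ports(svc))
```

Because the first patch adds at /metadata/annotations, it replaces the whole annotations map, so any annotation already on the Service is dropped.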