Using multiple listeners in Kubernetes

Owned by Florian Raschbichler, created
Last updated: May 22, 2023 by Sheetal Shet
3 min read

This article explains how to configure multiple listeners in Kubernetes.

Multiple listeners allow to connect with different protocols and bind listeners to the specific network interface.

HiveMQ provides flexible configurations to use multiple listeners for different protocols based on your need. For example, Clients with standard TCP connections can connect HIVEMQ on one port and secure TCP connections on another port. You can check here for more detailed configurations.

Similarly, it is also possible to use multiple listeners in the Kubernetes operator.

Here we are taking the example of configuring clients with standard TCP and Secured TCP to connect brokers via Kubernetes.

Instructions

Step 1:

Add two ports (TLS and non-TLS) via the values.YAML file

Typically 1883 for plain TCP and 8883 for 8883 TLS secured TCP

ports: - name: "mqtt" port: 1883 expose: true ... - name: "mqtt-tls" port: 8883 ...

Step 2:

After adding these ports next step is to have service(s) exposing those ports to the world

You can do this in two ways,

  1. Expose the ports directly via the use of the K8s operator patch. (You can export these configurations from the full values.yaml in our helm-chart repository.)

ports: - name: "mqtt" port: 1883 expose: true patch: - '[{"op":"add","path":"/spec/selector/hivemq.com~1node-offline","value":"false"},{"op":"add","path":"/metadata/annotations","value":{"service.spec.externalTrafficPolicy":"Local"}}]' # If you want Kubernetes to expose the MQTT port to external traffic - '[{"op":"add","path":"/spec/type","value":"LoadBalancer"}]' - name: "mqtt-tls" port: 8883 expose: true patch: - '[{"op":"add","path":"/spec/selector/hivemq.com~1node-offline","value":"false"},{"op":"add","path":"/metadata/annotations","value":{"service.spec.externalTrafficPolicy":"Local"}}]' # If you want Kubernetes to expose the MQTT port to external traffic - '[{"op":"add","path":"/spec/type","value":"LoadBalancer"}]'

This will create two separate services for both the ports with the name you have given in configuration i.e mqtt and mqtt-tls

2. Create a “regular” service object to expose them instead of doing it by operator

  • set expose: false for the ports in values.yaml 

ports: - name: "mqtt" port: 1883 expose: false - name: "mqtt-tls" port: 8883 expose: false

  • Next, create a service to expose these ports. Add configurations in service.yaml

Your cluster name is the one you used during HiveMQ deployment while installing the helm chart. 

For example: 

helm upgrade --install -f values.yaml my-cluster hivemq/hivemq-operator

here my-cluster is the cluster name

next step is to apply this service manually i.e 

kubectl apply -f service.yml

You can also verify if the service is up and running by checking logs.