Using multiple listeners in Kubernetes
This article explains how to configure multiple listeners in Kubernetes.
Multiple listeners allow to connect with different protocols and bind listeners to the specific network interface.
HiveMQ provides flexible configurations to use multiple listeners for different protocols based on your need. For example, Clients with standard TCP connections can connect HIVEMQ on one port and secure TCP connections on another port. You can check here for more detailed configurations.
Similarly, it is also possible to use multiple listeners in the Kubernetes operator.
Here we are taking the example of configuring clients with standard TCP and Secured TCP to connect brokers via Kubernetes.
Instructions
Step 1:
Add two ports (TLS and non-TLS) via the values.YAML
file
Typically 1883 for plain TCP and 8883 for 8883 TLS secured TCP
ports:
- name: "mqtt"
port: 1883
expose: true
...
- name: "mqtt-tls"
port: 8883
...
Step 2:
After adding these ports next step is to have service(s) exposing those ports to the world
You can do this in two ways,
Expose the ports directly via the use of the K8s operator patch. (You can export these configurations from the full
values.yaml
in our helm-chart repository.)
ports:
- name: "mqtt"
port: 1883
expose: true
patch:
- '[{"op":"add","path":"/spec/selector/hivemq.com~1node-offline","value":"false"},{"op":"add","path":"/metadata/annotations","value":{"service.spec.externalTrafficPolicy":"Local"}}]'
# If you want Kubernetes to expose the MQTT port to external traffic
- '[{"op":"add","path":"/spec/type","value":"LoadBalancer"}]'
- name: "mqtt-tls"
port: 8883
expose: true
patch:
- '[{"op":"add","path":"/spec/selector/hivemq.com~1node-offline","value":"false"},{"op":"add","path":"/metadata/annotations","value":{"service.spec.externalTrafficPolicy":"Local"}}]'
# If you want Kubernetes to expose the MQTT port to external traffic
- '[{"op":"add","path":"/spec/type","value":"LoadBalancer"}]'
This will create two separate services for both the ports with the name you have given in configuration i.e mqtt and mqtt-tls
2. Create a “regular” service object to expose them instead of doing it by operator
set
expose: false
for the ports invalues.yaml
ports:
- name: "mqtt"
port: 1883
expose: false
- name: "mqtt-tls"
port: 8883
expose: false
Next, create a service to expose these ports. Add configurations in
service.yaml
Your cluster name is the one you used during HiveMQ deployment while installing the helm chart.
For example:
helm upgrade --install -f values.yaml my-cluster hivemq/hivemq-operator
here my-cluster
is the cluster name
next step is to apply this service manually i.e
kubectl apply -f service.yml
You can also verify if the service is up and running by checking logs.