Support of non-HTTP(S)/TLS traffic in OSD and ROSA
Environment
- Red Hat OpenShift Service on AWS (ROSA)
- 4
- Red Hat OpenShift Dedicated (OSD)
- 4
Issue
- Do OSD or ROSA support non-HTTP(S)/TLS traffic?
- Is it possible to use non-HTTP(S) protocols and/or non standard ports in OSD or ROSA clusters?
- Is it possible to use
LoadBalancer
services
in OSD/ROSA? - Is it possible to use TCP traffic to access to applications in OSD/ROSA?
Resolution
Disclaimer: Links contained herein to external website(s) are provided for convenience only. Red Hat has not reviewed the links and is not responsible for the content or its availability. The inclusion of any link to an external website does not imply endorsement by Red Hat of the website or their entities, products or services. You agree that Red Hat is not responsible or liable for any loss or expenses that may result due to your use of (or reliance on) the external site or content.
For using non-HTTP(S) protocols and non-standard ports in OSD/ROSA, it is possible to configure a Service
of type LoadBalancer
following the documentation: Creating a load balancer service (select the same version of the documentation than the version of the cluster).
By default, a Classic Load Balancer (CLB) will be created. Refer to Using NLB in OSD or ROSA for creating Network Load Balancer (NLB) instead.
Note: the quota of the CLB depends on AWS limitation, further information in Quotas for your Classic Load Balancer
Root Cause
As per the documentation, for using non-HTTP(S) protocols and non standard ports in OSD and ROSA, it is possible to configure a Service
of type LoadBalancer
:
-
Optional: Load balancers for services that can be mapped to a service running on OpenShift Dedicated to enable advanced ingress features, such as non-HTTP/SNI traffic or the use of non-standard ports. These can be purchased in groups of 4 for standard clusters, or they can be provisioned without charge in Customer Cloud Subscription (CCS) clusters; however, each AWS account has a quota that limits the number of Classic Load Balancers that can be used within each cluster.
-
Optional: Load balancers for services. Enable non-HTTP/SNI traffic and non-standard ports for services. These load balancers can be mapped to a service running on Red Hat OpenShift Service on AWS to enable advanced ingress features, such as non-HTTP/SNI traffic or the use of non-standard ports. Each AWS account has a quota which limits the number of Classic Load Balancers that can be used within each cluster.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments