Red Hat SummitChapter 8. Configuring network access to Data Grid
Expose Data Grid clusters so you can access Data Grid Console, the Data Grid command line interface (CLI), REST API, and Hot Rod endpoint.
8.1. Getting the service for internal connections
By default, Data Grid Operator creates a service that provides access to Data Grid clusters from clients running on OpenShift.
This internal service has the same name as your Data Grid cluster, for example:
metadata: name: example-infinispan
metadata:
name: example-infinispanProcedure
Check that the internal service is available as follows:
oc get services NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) example-infinispan ClusterIP 192.0.2.0 <none> 11222/TCP
$ oc get services NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) example-infinispan ClusterIP 192.0.2.0 <none> 11222/TCPCopy to Clipboard Copied! Toggle word wrap Toggle overflow
8.2. Exposing Data Grid through load balancers
Use a load balancer service to make Data Grid clusters available to clients running outside OpenShift.
To access Data Grid with unencrypted Hot Rod client connections you must use a load balancer service.
Procedure
-
Include
spec.exposein yourInfinispanCR. -
Specify
LoadBalanceras the service type with thespec.expose.typefield. Optionally specify the network port where the service is exposed with the
spec.expose.portfield. The default port is7900.spec: expose: type: LoadBalancer port: 65535spec: expose: type: LoadBalancer port: 65535Copy to Clipboard Copied! Toggle word wrap Toggle overflow - Apply the changes.
Verify that the
-externalservice is available.oc get services | grep external NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) example-infinispan-external LoadBalancer 192.0.2.24 hostname.com 11222/TCP
$ oc get services | grep external NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) example-infinispan-external LoadBalancer 192.0.2.24 hostname.com 11222/TCPCopy to Clipboard Copied! Toggle word wrap Toggle overflow
8.3. Exposing Data Grid through node ports
Use a node port service to expose Data Grid clusters on the network.
Procedure
-
Include
spec.exposein yourInfinispanCR. -
Specify
NodePortas the service type with thespec.expose.typefield. Configure the port where Data Grid is exposed with the
spec.expose.nodePortfield.spec: expose: type: NodePort nodePort: 30000spec: expose: type: NodePort nodePort: 30000Copy to Clipboard Copied! Toggle word wrap Toggle overflow - Apply the changes.
Verify that the
-externalservice is available.oc get services | grep external NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) example-infinispan-external NodePort 192.0.2.24 <none> 11222:30000/TCP
$ oc get services | grep external NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) example-infinispan-external NodePort 192.0.2.24 <none> 11222:30000/TCPCopy to Clipboard Copied! Toggle word wrap Toggle overflow
8.4. Exposing Data Grid through routes
Use an OpenShift Route with passthrough encryption to make Data Grid clusters available on the network.
Procedure
-
Include
spec.exposein yourInfinispanCR. -
Specify
Routeas the service type with thespec.expose.typefield. Optionally add a hostname with the
spec.expose.hostfield.spec: expose: type: Route host: www.example.orgspec: expose: type: Route host: www.example.orgCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Apply the changes.
Verify that the route is available.
oc get routes NAME CLASS HOSTS ADDRESS PORTS AGE example-infinispan <none> * 443 73s
$ oc get routes NAME CLASS HOSTS ADDRESS PORTS AGE example-infinispan <none> * 443 73sCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Route ports
When you create a route, it exposes a port on the network that accepts client connections and redirects traffic to Data Grid services that listen on port 11222.
The port where the route is available depends on whether you use encryption or not.
| Port | Description |
|---|---|
|
| Encryption is disabled. |
|
| Encryption is enabled. |
8.5. Network services
Reference information for network services that Data Grid Operator creates and manages.
8.5.1. Internal service
- Allow Data Grid pods to discover each other and form clusters.
- Provide access to Data Grid endpoints from clients in the same OpenShift namespace.
| Service | Port | Protocol | Description |
|---|---|---|---|
|
|
| TCP | Internal access to Data Grid endpoints |
|
|
| TCP | Cluster discovery |
8.5.2. External service
Provides access to Data Grid endpoints from clients outside OpenShift or in different namespaces.
You must create the external service with Data Grid Operator. It is not available by default.
| Service | Port | Protocol | Description |
|---|---|---|---|
|
|
| TCP | External access to Data Grid endpoints. |
8.5.3. Cross-site service
Allows Data Grid to back up data between clusters in different locations.
| Service | Port | Protocol | Description |
|---|---|---|---|
|
|
| TCP | JGroups RELAY2 channel for cross-site communication. |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}