Red Hat Summit Red Hat SummitSupportoConsoleSviluppatoriInizia una provaContatti

Questo contenuto non è disponibile nella lingua selezionata.

Chapter 14. Using the Stream Control Transmission Protocol (SCTP) on a bare metal cluster

As a cluster administrator, you can use the Stream Control Transmission Protocol (SCTP) on a cluster.

As a cluster administrator, you can enable SCTP on the hosts in the cluster. On Red Hat Enterprise Linux CoreOS (RHCOS), the SCTP module is disabled by default.

SCTP is a reliable message based protocol that runs on top of an IP network.

When enabled, you can use SCTP as a protocol with pods, services, and network policy. A 

Service
object must be defined with the 
type
parameter set to either the 
ClusterIP
or 
NodePort
value.

14.1.1. Example configurations using SCTP protocol
Copia collegamento

You can configure a pod or service to use SCTP by setting the 

protocol
parameter to the 
SCTP
value in the pod or service object.

In the following example, a pod is configured to use SCTP: 

apiVersion: v1
kind: Pod
metadata:
  namespace: project1
  name: example-pod
spec:
  containers:
    - name: example-pod
...
      ports:
        - containerPort: 30100
          name: sctpserver
          protocol: SCTP

In the following example, a service is configured to use SCTP: 

apiVersion: v1
kind: Service
metadata:
  namespace: project1
  name: sctpserver
spec:
...
  ports:
    - name: sctpserver
      protocol: SCTP
      port: 30100
      targetPort: 30100
  type: ClusterIP

In the following example, a 

NetworkPolicy
object is configured to apply to SCTP network traffic on port 
80
from any pods with a specific label: 

kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: allow-sctp-on-http
spec:
  podSelector:
    matchLabels:
      role: web
  ingress:
  - ports:
    - protocol: SCTP
      port: 80

14.2. Enabling Stream Control Transmission Protocol (SCTP)
Copia collegamento

As a cluster administrator, you can load and enable the blacklisted SCTP kernel module on worker nodes in your cluster.

Prerequisites

  • Install the OpenShift CLI (
    oc
    ).
  • Access to the cluster as a user with the 
    cluster-admin
    role.

Procedure

  1. Create a file named 

    load-sctp-module.yaml
    that contains the following YAML definition: 

    apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
  name: load-sctp-module
  labels:
    machineconfiguration.openshift.io/role: worker
spec:
  config:
    ignition:
      version: 3.2.0
    storage:
      files:
        - path: /etc/modprobe.d/sctp-blacklist.conf
          mode: 0644
          overwrite: true
          contents:
            source: data:,
        - path: /etc/modules-load.d/sctp-load.conf
          mode: 0644
          overwrite: true
          contents:
            source: data:,sctp

  2. To create the 

    MachineConfig
    object, enter the following command: 

    $ oc create -f load-sctp-module.yaml

  3. Optional: To watch the status of the nodes while the MachineConfig Operator applies the configuration change, enter the following command. When the status of a node transitions to 

    Ready
    , the configuration update is applied. 

    $ oc get nodes

14.3. Verifying Stream Control Transmission Protocol (SCTP) is enabled
Copia collegamento

You can verify that SCTP is working on a cluster by creating a pod with an application that listens for SCTP traffic, associating it with a service, and then connecting to the exposed service.

Prerequisites

  • Access to the internet from the cluster to install the 
    nc
    package.
  • Install the OpenShift CLI (
    oc
    ).
  • Access to the cluster as a user with the 
    cluster-admin
    role.

Procedure

  1. Create a pod starts an SCTP listener:

    1. Create a file named 

      sctp-server.yaml
      that defines a pod with the following YAML: 

      apiVersion: v1
kind: Pod
metadata:
  name: sctpserver
  labels:
    app: sctpserver
spec:
  containers:
    - name: sctpserver
      image: registry.access.redhat.com/ubi8/ubi
      command: ["/bin/sh", "-c"]
      args:
        ["dnf install -y nc && sleep inf"]
      ports:
        - containerPort: 30102
          name: sctpserver
          protocol: SCTP

    2. Create the pod by entering the following command: 

      $ oc create -f sctp-server.yaml

  2. Create a service for the SCTP listener pod.

    1. Create a file named 

      sctp-service.yaml
      that defines a service with the following YAML: 

      apiVersion: v1
kind: Service
metadata:
  name: sctpservice
  labels:
    app: sctpserver
spec:
  type: NodePort
  selector:
    app: sctpserver
  ports:
    - name: sctpserver
      protocol: SCTP
      port: 30102
      targetPort: 30102

    2. To create the service, enter the following command: 

      $ oc create -f sctp-service.yaml

  3. Create a pod for the SCTP client.

    1. Create a file named 

      sctp-client.yaml
      with the following YAML: 

      apiVersion: v1
kind: Pod
metadata:
  name: sctpclient
  labels:
    app: sctpclient
spec:
  containers:
    - name: sctpclient
      image: registry.access.redhat.com/ubi8/ubi
      command: ["/bin/sh", "-c"]
      args:
        ["dnf install -y nc && sleep inf"]

    2. To create the 

      Pod
      object, enter the following command: 

      $ oc apply -f sctp-client.yaml

  4. Run an SCTP listener on the server.

    1. To connect to the server pod, enter the following command: 

      $ oc rsh sctpserver

    2. To start the SCTP listener, enter the following command: 

      $ nc -l 30102 --sctp

  5. Connect to the SCTP listener on the server.

    1. Open a new terminal window or tab in your terminal program.

    2. Obtain the IP address of the 

      sctpservice
      service. Enter the following command: 

      $ oc get services sctpservice -o go-template='{{.spec.clusterIP}}{{"\n"}}'

    3. To connect to the client pod, enter the following command: 

      $ oc rsh sctpclient

    4. To start the SCTP client, enter the following command. Replace 

      <cluster_IP>
      with the cluster IP address of the 
      sctpservice
      service. 

      # nc <cluster_IP> 30102 --sctp
Red Hat logoGithubredditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi. Esplora i nostri ultimi aggiornamenti.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita il Blog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

Theme

© 2026 Red HatTorna in cima