OpenShift Container Platform provides multiple methods for communicating from outside the cluster with services running in the cluster.
This topic describes how to allow external access to a service in a cluster over a non-standard port (other than ports 443/80).
Administrators can expose a service endpoint that external traffic can reach, by assigning a unique external IP address to that service from a range of external IP addresses. Administrators can designate a range of addresses using a CIDR notation, which allows an application user to make a request against the cluster for an external IP address.
Each IP address should be assigned to only one service to ensure that each service has a unique endpoint. Potential port clashes are handled on a first-come, first-served basis.
| Method | Purpose |
|---|---|
Allows access to HTTP/HTTPS traffic and TLS-encrypted protocols other than HTTPS (for example, TLS with the SNI header). |
|
Allows traffic to non-standard ports through a specific IP address. |
|
Automatically Assign a Public IP Using a Load Balancer Service |
Allows traffic to non-standard ports through an IP address assigned from a pool. |
Expose a service on all nodes in the cluster. |
The recommendation is:
If you have HTTP/HTTPS, use a router.
If you have a TLS-encrypted protocol other than HTTPS (for example, TLS with the SNI header), use a router.
Otherwise, use a Load Balancer, an External IP, or a NodePort.