@wallyqs
Last active October 18, 2022 11:25
Setting up a NATS Server with external access on Azure

With the following, you can create a 3-node NATS Server cluster:

kubectl apply -f https://raw.githubusercontent.com/nats-io/k8s/b55687a97a5fd55485e1af302fbdbe43d2d3b968/nats-server/leafnodes/nats-cluster.yaml

The configuration map from the NATS cluster that was created can be found below.

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: nats-config
data:
  nats.conf: |
    pid_file: "/var/run/nats/nats.pid"
    http: 8222
    # debug: true
    ping_interval: 30s

    cluster {
      port: 6222
      no_advertise: true

      routes: [
        nats://nats-0.nats.default.svc:6222
        nats://nats-1.nats.default.svc:6222
        nats://nats-2.nats.default.svc:6222
      ]
    }

    leaf {
      port: 7422
      authorization {
        timeout: 3s
        users = [
          { user: "foo", pass: "bar" }
        ]
      }
    }

Now let's expose the NATS Server by creating an L4 load balancer on Azure:

kubectl apply -f https://raw.githubusercontent.com/nats-io/k8s/b55687a97a5fd55485e1af302fbdbe43d2d3b968/nats-server/leafnodes/lb.yaml

Confirm the public IP that was allocated to the nats-lb service that was created. In this case it is 52.155.49.45:

$ kubectl get svc -o wide
NAME         TYPE           CLUSTER-IP    EXTERNAL-IP    PORT(S)                                                 AGE     SELECTOR
kubernetes   ClusterIP      10.0.0.1      <none>         443/TCP                                                 81d     <none>
nats         ClusterIP      None          <none>         4222/TCP,6222/TCP,8222/TCP,7777/TCP,7422/TCP,7522/TCP   7h46m   app=nats
nats-lb      LoadBalancer   10.0.107.18   52.155.49.45   4222:31161/TCP,7422:30960/TCP                           7h40m   app=nats

Notice that the leafnode configuration requires authorization, so in order to connect to it we will need a configuration as follows:

leaf {
  remotes = [
    {
      url: "nats://foo:bar@52.155.49.45:7422"
    }
  ]
}
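
The leafnode listener above accepts a shared password over plain `nats://` on a public IP, so the credentials and all leafnode traffic cross the internet unencrypted. The fragment below is an added example, not part of the original gist or the nats-io repository: the same two `leaf` blocks with TLS enabled on the listener and on the remote. The certificate paths, the `leaf-edge` user, the `<LONG_RANDOM_SECRET>` placeholder and the hostname `nats.example.com` are assumptions; the certificates must be mounted into the pods, and the server certificate needs a SAN that matches the host in the remote URL.

```conf
# --- Server side: nats.conf in the nats-config ConfigMap ---
# Added example. Paths, user name and secret are placeholders (assumptions).
leaf {
  port: 7422

  # Serve TLS on the leafnode listener that the load balancer publishes.
  tls {
    cert_file: "/etc/nats-certs/leaf/tls.crt"   # assumed mount path
    key_file:  "/etc/nats-certs/leaf/tls.key"   # assumed mount path
  }

  authorization {
    timeout: 3s
    users = [
      # Replaces the demo foo/bar pair with a dedicated account
      # and a long random secret.
      { user: "leaf-edge", pass: "<LONG_RANDOM_SECRET>" }
    ]
  }
}

# --- Remote side: leafnodes/leaf.conf on each connecting server ---
leaf {
  remotes = [
    {
      # Connect with TLS and verify the server against a known CA.
      url: "tls://leaf-edge:<LONG_RANDOM_SECRET>@nats.example.com:7422"
      tls {
        ca_file: "/etc/nats-certs/ca.crt"       # assumed path to the signing CA
      }
    }
  ]
}
```

The client port 4222 published by the same load balancer has no `authorization` block in the configuration shown earlier, so it needs equivalent authentication and TLS settings before it is reachable from outside the cluster.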

You can also add a NATS Streaming cluster that connects to the NATS cluster on port 4222:

kubectl apply -f https://raw.githubusercontent.com/nats-io/k8s/b55687a97a5fd55485e1af302fbdbe43d2d3b968/nats-server/leafnodes/stan-server.yaml

Now if you create two NATS Servers that connect to the same leafnode port, they will be able to receive messages from each other:

$ nats-server -c leafnodes/leaf.conf -p 4222 &
$ nats-server -c leafnodes/leaf.conf -p 4223 &

$ nats-sub -s localhost:4222 foo &
$ nats-pub -s localhost:4223 foo hello 

Listening on [foo]
[#1] Received on [foo] : 'hello'

apiVersion: v1
kind: Service
metadata:
  name: nats-lb2
  annotations:
    service.beta.kubernetes.io/azure-load-balancer-tcp-idle-timeout: "10"
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local
  selector:
    app: nats
  ports:
  - protocol: TCP
    port: 80
    targetPort: 4222
    name: client
  - protocol: TCP
    port: 443
    targetPort: 7422
    name: leafnodes