在Kubernetes上运行SIP应用程序(UDP)的问题 [英] Problems on running a SIP application (UDP) on Kubernetes

问题描述

我正在尝试在Kubernetes上的SIP应用程序(opensips在线状态服务器)上工作，但无法正常工作.

I am trying to work on a SIP application (opensips presence server) on Kubernetes but it's not working as expected.

该应用程序在UDP端口5060上运行，客户端也使用相同的端口进行连接.

The application runs on UDP port 5060 and clients also use same port to connect.

我创建了一个NodePort服务(因为LoadBalancer仅支持TCP)，它公开了NodePort 5060，而容器端口也是50​​60.

I have created a NodePort service(because LoadBalancer only supports TCP) which exposes NodePort 5060 and container port is also 5060.

以下是规格:

"spec": {
    "ports": [
      {
        "port": 5061,
        "protocol": "UDP",
        "targetPort": 5060,
    "nodeport": 5060,
    "name": "sipu"
      }
    ],
    "selector": {
      "app": "opensips"
    },
    "type": "NodePort"
  }

Iptable规则:

And the Iptable rules:

Chain KUBE-NODEPORT-CONTAINER (1 references)
 pkts bytes target     prot opt in     out     source               destination
   12  8622 REDIRECT   udp  --  *      *       0.0.0.0/0            0.0.0.0/0            /* default/opensips:sipu */ udp dpt:5060 redir ports 40482
    3    95 REDIRECT   udp  --  *      *       0.0.0.0/0            0.0.0.0/0            /* default/my-udp-service: */ udp dpt:6000 redir ports 47497


Chain KUBE-NODEPORT-HOST (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            /* default/opensips:sipu */ udp dpt:5060 to:10.0.1.215:40482
    0     0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            /* default/my-udp-service: */ udp dpt:6000 to:10.0.1.215:47497

应用程序接收到请求，但是当它尝试在端口5060上发送答复时，会出现问题，我认为是由于iptable规则，答复被发送回了pod.

The application receives the request but the problem occurs when it tries to send the reply on port 5060, the reply is sent back to the pod, I guess because of the iptable rules.

我尝试使用其他客户端端口，但在这种情况下，iptable会忽略该端口，因为它不知道该端口.

I tried with different client port but in that case, the iptable ignores the port because it doesn't know about that port.

如果在这种情况下需要做些额外的事情，请指导我.

Please guide me if something extra needs to be done in this case.

谢谢

推荐答案

也许您需要在所有节点上使用此config标志启动kube-proxy服务:

maybe you need start kube-proxy service with this config flag on all nodes:

--udp-timeout=250ms (change the value according to your needs)

更多信息: http://kubernetes.io/v1.1 /docs/admin/kube-proxy.html

这篇关于在Kubernetes上运行SIP应用程序(UDP)的问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！