Handling of UDP Traffic in UDP Agent (3.2)

In order to configure handling of UDP traffic from inside a Kubernetes cluster with a client or server outside of the cluster, the following needs to be done:

  • NodePorts need to be configured for the ports used for external communication. For further information, see:

https://kubernetes.io/docs/concepts/services-networking/service/#nodeport

  • The externalTrafficPolicy of the ECs used for the workflow needs to be changed from the default value Cluster to Local. For further information about externalTrafficPolicy, see:

https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip

Example

Example with Radius (from values_override.yaml for the EC):

    service:
      enabled: true
      ports:
        - name: http
          port: 8080
          protocol: TCP
          targetPort: 8080
        - name: radius
          port: 1813
          protocol: UDP
          targetPort: 1813
          nodePort: 31813
        - name: radiusserver
          port: 2000
          protocol: UDP
          targetPort: 2000
          nodePort: 32000
      type: NodePort
      externalTrafficPolicy: Local

Example

Example (from values_override.yaml, where kube-worker2 is the node name):

    affinity:
      nodeAffinity:
        requiredDuringSchedulingIgnoredDuringExecution:
          nodeSelectorTerms:
            - matchExpressions:
                - key: kubernetes.io/hostname
                  operator: In
                  values:
                    - kube-worker2

If the server workflow is running inside the cluster, the listening port is configured to the port/targetPort (in the example above, 1813, which is the default for the agent), and the client (assuming it is outside the cluster) is configured to communicate with the nodePort, in this case 31813. If the client is running inside the cluster, it needs to be configured to listen on host 0.0.0.0 so that it binds to all interfaces. The port is the internal one, in this case 2000.
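
One way to check what the externalTrafficPolicy setting changes, as an added example that is not part of the original page or the product: a UDP listener bound to 0.0.0.0 reports the source address it observes, and a probe compares that with its own address. All function names and the loopback run are constructed for illustration; the 0.0.0.0 bind and port 2000 follow the example above.

```python
import socket
import threading


def open_listener(host="0.0.0.0", port=2000):
    """Bind a UDP socket; 0.0.0.0 binds every interface, as the page requires."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    return sock


def report_peer(sock, timeout=5.0):
    """Wait for one datagram and reply with the source address this socket saw."""
    sock.settimeout(timeout)
    _data, (ip, port) = sock.recvfrom(4096)
    sock.sendto(f"{ip}:{port}".encode(), (ip, port))
    return ip, port


def probe(target_host, target_port, timeout=5.0):
    """Send one datagram; return (address the listener saw, our own local address)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as client:
        client.settimeout(timeout)
        client.connect((target_host, target_port))
        client.send(b"probe")
        seen = client.recv(4096).decode()
        local_ip, local_port = client.getsockname()
    return seen, f"{local_ip}:{local_port}"


def source_preserved(seen, local):
    """True when the listener saw the sender's own IP (no address rewriting on the path)."""
    return seen.rsplit(":", 1)[0] == local.rsplit(":", 1)[0]


def loopback_demo():
    """Constructed offline run: listener and probe on this host, ephemeral port."""
    srv = open_listener("0.0.0.0", 0)
    worker = threading.Thread(target=report_peer, args=(srv,))
    worker.start()
    try:
        return probe("127.0.0.1", srv.getsockname()[1])
    finally:
        worker.join()
        srv.close()


if __name__ == "__main__":
    print(loopback_demo())
```

In a cluster, report_peer would run in the EC pod on the targetPort and probe would target a node address and the nodePort from outside; with the default Cluster policy the listener can report a cluster node address instead of the client's, which is what the Local setting avoids.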