Exposing tcp services like Kafka, MongoDB, and Clickhouse using Nginx Ingress Controller 2026 guide πŸ”₯

🌟 Expose ports for database like a pro

Ingress does not natively support TCP or UDP services, which can be a limitation for applications that require these types of connections. To work around this issue, the Ingress controller utilizes two specific flags: --tcp-services-configmap and --udp-services-configmap. These flags are configured to point to an existing ConfigMap, where the keys represent the external ports and the corresponding values define the services to expose. The required format for these entries is as follows: <namespace/service-name>:<service-port>:[PROXY]:[PROXY]. This structure allows for proper routing of TCP and UDP traffic.

If you've installed the NGINX Ingress controller using a Helm chart, you can simplify this process significantly. Instead of manually managing multiple services and ConfigMaps, you can specify the necessary configurations directly within the values.yaml file associated with the Helm chart. This approach helps streamline your deployment and configuration management. Here’s a step-by-step guide on how to implement these settings within your values.yaml file.

🌝 A long story short

Key parameters in values.yaml for the nginx-ingress-controller:

controller:
  # for passing through traffic right
  config:
 use-forwarded-headers: "true"
 compute-full-forwarded-for: "true"
 use-proxy-protocol: "false"
# settings for tcp ports that we want to passing through
tcp:
"9092": "kafka/kafka:19092"
"27017": "mongodb/mongo-rs-svc:27017"
"9000": "clickhouse/clickhouse-cluster01:9000"

In this example about mongodb: "27017": "mongodb/mongo-rs-svc:27017" 27017 - external port mongodb - namespace mongo-rs-svc - name of service mongo-rs-svc:27017 - service port

kubectl get svc -n ingress-nginx
ingress-nginx-internal-controller           LoadBalancer   10.103.149.255   10.0.10.21              80:30425/TCP,443:32595/TCP,27017:32200/TCP,9000:31740/TCP,9092:32144/TCP

Here we can see new exposed ports for our services, and they are accessible by the IP address of the ingress controller:

10.0.10.21:9092
10.0.10.21:27017
10.0.10.21:9000

πŸŽ‰ A recap

Exposing tcp and udp services like database in Kubernetes using Nginx Ingress Controller is so easy, let's try it on your own and have a wonderful day!