How to Configure Nginx as a TCP Load Balancer for Kubernetes Applications
This guide walks through installing Nginx on a CentOS VM, opening firewall ports, disabling SELinux enforcement, extracting NodePort values from a Kubernetes cluster, editing the Nginx configuration to proxy TCP traffic, and testing the load balancer with a sample deployment.
Prerequisites
Assume a Kubernetes cluster is already deployed. Create a CentOS 8 Minimal virtual machine for Nginx (IP 192.168.1.50) and note the master (192.168.1.40) and two worker nodes (192.168.1.41, 192.168.1.42).
Step 1: Install the EPEL repository
dnf install epel-release -yStep 2: Install Nginx
dnf install nginx -yrpm -qi nginxStep 3: Open firewall ports for HTTP and HTTPS
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reloadStep 4: Set SELinux to permissive and reboot
sed -i s/^SELINUX=.*$/SELINUX=permissive/ /etc/selinux/config
rebootStep 5: Retrieve NodePort values from the ingress‑nginx namespace
kubectl get all -n ingress-nginxThe output shows that each worker node maps NodePort 32760 to port 80 and NodePort 32375 to port 443. These ports will be used in the Nginx configuration.
Step 6: Configure Nginx for TCP load balancing
vim /etc/nginx/nginx.confIn the configuration file, comment out the original server block (lines 38‑57) and add the following sections:
upstream backend {
server 192.168.1.41:32760;
server 192.168.1.42:32760;
}
server {
listen 80;
location / {
proxy_read_timeout 1800;
proxy_connect_timeout 1800;
proxy_send_timeout 1800;
send_timeout 1800;
proxy_set_header Accept-Encoding "";
proxy_set_header X-Forwarded-By $server_addr:$server_port;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://backend;
}
location /nginx_status {
stub_status;
}
}Step 7: Start and enable the Nginx service
systemctl start nginx
systemctl enable nginxStep 8: Test the TCP load balancer
Deploy a simple Nginx deployment in the cluster and expose it as a NodePort:
kubectl create deployment nginx-deployment --image=nginx
kubectl expose deployment nginx-deployment --name=nginx-deployment --type=NodePort --port=80Update the local /etc/hosts file so that nginx-lb.example.com resolves to the Nginx VM (192.168.1.50):
echo "192.168.1.50 nginx-lb.example.com" >> /etc/hostsAccess http://nginx-lb.example.com in a browser. The request is forwarded to the two worker nodes via their NodePort 32760, confirming that Nginx successfully balances TCP traffic across the Kubernetes nodes.
Conclusion
The experiment demonstrates that Nginx can act as a TCP load balancer for Kubernetes workloads, distributing traffic on port 80 to the underlying worker nodes’ NodePort services. This approach extends Nginx’s capabilities beyond HTTP/HTTPS and provides a simple, open‑source solution for TCP load balancing in cloud‑native environments.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Liangxu Linux
Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.