Kubernetes Ingress for Mosh

The pods were live, traffic was coming in hard, and the default Kubernetes service routing was not enough. You needed speed, reliability, and low-latency interaction for sessions that could drop and reconnect without breaking state. That is where Kubernetes Ingress for Mosh changes the game.

Mosh (mobile shell) is built for unstable networks. It keeps SSH-like sessions alive through network changes and interruptions. On Kubernetes, exposing Mosh to the internet is not as straightforward as a basic HTTP app. Mosh uses UDP, with ports negotiated dynamically. Standard HTTP Ingress controllers like NGINX or Traefik are tuned for TCP. To run Mosh in Kubernetes, you must configure ingress and networking layers that support UDP.

The cleanest setup uses a Kubernetes Service of type LoadBalancer or NodePort with UDP port ranges open. First, run the Mosh server container and expose the UDP range (default 60000–61000) along with port 22 for SSH. This range must match both your deployment spec and your firewall rules. Once exposed, configure your cloud provider’s load balancer with those UDP ports. If you need hostname routing, use an Ingress controller that supports UDP, like HAProxy Ingress or an NGINX build with stream module enabled.

In the cluster, define a ConfigMap for the Ingress controller to map incoming UDP ports directly to the Mosh service. This bypasses HTTP routing and sends raw UDP traffic straight to Mosh. Set externalTrafficPolicy: Local to preserve client IPs and minimize latency. Test connections by killing your network mid-session and watching Mosh reconnect without a hitch.

Integrating Kubernetes Ingress with Mosh gives remote engineering teams a stable, production-grade terminal interface from anywhere. It reduces downtime, eliminates dropped sessions, and improves developer workflows in environments with unpredictable connectivity.

Deploy it. Test it. See it live in minutes at hoop.dev.