Forums
VHT Forums
Kubernetes and Cont...
Kubernetes Ingresse...
 
Notifications
Clear all

Kubernetes Ingresses Expose to the Public

 
Kubernetes and Containers
Last Post by Brandon Lee 10 months ago
8 Posts
2 Users
2 Reactions
777 Views
RSS
Posts: 4
 Bowen Jnr
Topic starter
Jan 10, 2024 3:50 am
(@bowenjnr)
Active Member
Joined: 10 months ago

I have bootstrapped k3s cluster on 4 virtual servers, the configuration for the loadbalancer metallb is as follows; kind: L2Advertisement and IP address pol is 10.0.0.20-10.0.0.80 which is from a private network subnet on eth01. The nginx ingress controller gets assigned 10.0.0.21. I have ingresses which now have an external IP 10.0.0.21 which I now want to expose to the external traffic. So now one of the ingresses is ui.sandbox.example.com with an external IP 10.0.0.21, On My cpanel I would want to have ui.sandbox.example.com created as an 'A record' pointing to an IP that sends traffic to 10.0.0.21.

Quite essentially have a public IP of the host machine serve the above.

Topic Tags
loadbalancer kubernetes
7 Replies
Brandon Lee
Posts: 395
 Brandon Lee
Admin
Jan 10, 2024 2:18 pm
(@brandon-lee)
Member
Joined: 14 years ago

@bowenjnr nice! What platform are you running your k3s cluster on top of? Is this Proxmox? Also, I may be missing something here, but you are just wanting to forward traffic from the Internet to your internal private IP assigned by MetalLB to your ingress controller? What type of firewall are you using?

Reply
Posts: 4
 Bowen Jnr
Topic starter
Jan 10, 2024 2:40 pm
(@bowenjnr)
Active Member
Joined: 10 months ago
  • K3s is not on top of anything, no Proxmox and the firewall is also turned off. I just want to forward traffic from the Internet to my internal private IP assigned by MetalLB to my ingress controller.
Reply
Brandon Lee reacted
1 Reply
Brandon Lee
 Brandon Lee
Admin
(@brandon-lee)
Joined: 14 years ago

Member
Posts: 395
Jan 10, 2024 8:46 pm
Reply toBowen Jnr

@bowenjnr Gotcha. Do you have some type of firewall appliance in front of your k3s nodes that is protecting your Internet traffic coming in from your circuit? Are you running something like pfSense, etc? You would just need to configure port forwarding and the right firewall rules to allow traffic from the public side into your internal network to hit the private IP assigned by MetalLB.

Reply
Posts: 4
 Bowen Jnr
Topic starter
Jan 11, 2024 2:22 am
(@bowenjnr)
Active Member
Joined: 10 months ago

There is nothing firewall running, thanks for the suggestion. I tried to use IPTables but nothing was getting through.

Reply
Brandon Lee reacted
1 Reply
Brandon Lee
 Brandon Lee
Admin
(@brandon-lee)
Joined: 14 years ago

Member
Posts: 395
Jan 13, 2024 5:37 pm
Reply toBowen Jnr

@bowenjnr Let's start with the basics on troubleshooting. Before diving into external access (outside your network), let's focus on internal network testing. Are you saying that you can't connect to your 10.0.0.21 IP and see any of the containers internally?

Posted by: @bowenjnr

The nginx ingress controller gets assigned 10.0.0.21

ย 

Reply
Posts: 4
 Bowen Jnr
Topic starter
Jan 13, 2024 6:25 pm
(@bowenjnr)
Active Member
Joined: 10 months ago

I did setup a reverse proxy using nginx and now the diagnosis led me to one problem, the local SSL. The error I was getting on Postman Client is 404 and the logs on nginx ingress controller is that of No local SSL certificate found for the services that the postman request affected.

Reply
1 Reply
Brandon Lee
 Brandon Lee
Admin
(@brandon-lee)
Joined: 14 years ago

Member
Posts: 395
Jan 13, 2024 6:36 pm
Reply toBowen Jnr

@bowenjnr Can you post some screenshots of your configuration in Nginx? It is sounding like something may not be routing correctly to your internal services.

Reply
Forum Jump:
  Previous Topic
Next Topic  
Related Topics
Topic Tags:  loadbalancer (1) , kubernetes (13) ,

Currently viewing this topic 1 guest.

© Copyright 2024, All Rights Reserved  | VirtualizationHowto.com