Kubernetes Ingresse...
 
Notifications
Clear all

Kubernetes Ingresses Expose to the Public

8 Posts
2 Users
2 Reactions
884 Views
Posts: 4
Topic starter
(@bowenjnr)
Active Member
Joined: 11 months ago

I have bootstrapped k3s cluster on 4 virtual servers, the configuration for the loadbalancer metallb is as follows; kind: L2Advertisement and IP address pol is 10.0.0.20-10.0.0.80 which is from a private network subnet on eth01. The nginx ingress controller gets assigned 10.0.0.21. I have ingresses which now have an external IP 10.0.0.21 which I now want to expose to the external traffic. So now one of the ingresses is ui.sandbox.example.com with an external IP 10.0.0.21, On My cpanel I would want to have ui.sandbox.example.com created as an 'A record' pointing to an IP that sends traffic to 10.0.0.21.

Quite essentially have a public IP of the host machine serve the above.

7 Replies
Brandon Lee
Posts: 399
Admin
(@brandon-lee)
Member
Joined: 14 years ago

@bowenjnr nice! What platform are you running your k3s cluster on top of? Is this Proxmox? Also, I may be missing something here, but you are just wanting to forward traffic from the Internet to your internal private IP assigned by MetalLB to your ingress controller? What type of firewall are you using?

Reply
Posts: 4
Topic starter
(@bowenjnr)
Active Member
Joined: 11 months ago
  • K3s is not on top of anything, no Proxmox and the firewall is also turned off. I just want to forward traffic from the Internet to my internal private IP assigned by MetalLB to my ingress controller.
Reply
1 Reply
Brandon Lee
Admin
(@brandon-lee)
Joined: 14 years ago

Member
Posts: 399

@bowenjnr Gotcha. Do you have some type of firewall appliance in front of your k3s nodes that is protecting your Internet traffic coming in from your circuit? Are you running something like pfSense, etc? You would just need to configure port forwarding and the right firewall rules to allow traffic from the public side into your internal network to hit the private IP assigned by MetalLB.

Reply
Posts: 4
Topic starter
(@bowenjnr)
Active Member
Joined: 11 months ago

There is nothing firewall running, thanks for the suggestion. I tried to use IPTables but nothing was getting through.

Reply
1 Reply
Brandon Lee
Admin
(@brandon-lee)
Joined: 14 years ago

Member
Posts: 399

@bowenjnr Let's start with the basics on troubleshooting. Before diving into external access (outside your network), let's focus on internal network testing. Are you saying that you can't connect to your 10.0.0.21 IP and see any of the containers internally?

Posted by: @bowenjnr

The nginx ingress controller gets assigned 10.0.0.21

ย 

Reply
Posts: 4
Topic starter
(@bowenjnr)
Active Member
Joined: 11 months ago

I did setup a reverse proxy using nginx and now the diagnosis led me to one problem, the local SSL. The error I was getting on Postman Client is 404 and the logs on nginx ingress controller is that of No local SSL certificate found for the services that the postman request affected.

Reply
1 Reply
Brandon Lee
Admin
(@brandon-lee)
Joined: 14 years ago

Member
Posts: 399

@bowenjnr Can you post some screenshots of your configuration in Nginx? It is sounding like something may not be routing correctly to your internal services.

Reply