Thanks for your reply, i havent look into metallb before but i will try it out!
Comment on Questions regarind k8s ingress
boblin@sh.itjust.works 2 weeks ago
To get nginx ingress to use the external clients IP, you can configure the ingress controllers traffic policy. Using the helm chart, I used these values:
controller: priorityClassName: cluster-service service: # this has a bunch of downsides, but allows source-ip based access white/deny listing. externalTrafficPolicy: Local
For the ingress IP, I configured metal-lb to receive traffic on a static IP (using IP4AddressPool and L2Advertisement CRDs from metal-lb), which is then used for the port forwarding. I’ve never tested it because I only have a single worker node, but I expect the metal-lb controller will receive traffic to that same static IP if a node goes down.
Hercules@lemmy.world 2 weeks ago
eutampieri@feddit.it 2 weeks ago
It should (I have MetalLB but I never tested this specifically)
Hercules@lemmy.world 2 weeks ago
And does this work for ingress? I searched a little bit around but as far as i understand metallb is for k8s services?
boblin@sh.itjust.works 2 weeks ago
Ingress controllers usually use the standard k8s services. In fact metal-lb allows workloads (like the nginx ingress controller) in the cluster to use services of type LoadBalancer, which is the default configuration. This results in an actual IP being made available to your ingress controller.
Hercules@lemmy.world 2 weeks ago
Oh alright, thanks for explaining!