0
votes

I am trying to get a decent solution for exposing my services from a Kubernetes cluster hosted on local LXC containers.

The setup is as follows:

Host: Ubuntu 18.04 running an LXC cluster.

Inside the LXC there is a Charmed Distribution Of Kubernetes which is running my apps and another container running an NGINX reverse proxy.

I've also set up a MetalLB load balancer inside Kubernetes and use all k8s services which need internet exposure as LoadBalancer:

apiVersion: v1
kind: Service
metadata:
  namespace: blazedesk
  name: blazedesk-sdeweb-server
  labels:
    app: blazedesk
spec:
  ports:
    - port: 80
      targetPort: 80
      name: "http"
    - port: 443
      targetPort: 443
      name: "https"
  selector:
    app: blazedesk
    tier: sdeweb-server
  type: LoadBalancer

How I did it so far was to redirect all HTTP and HTTPS traffic coming to the main host to the NGINX reverse proxy:

lxc config device add proxy myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80 proxy_protocol=true

lxc config device add proxy myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443 proxy_protocol=true

Nginx is then configured to redirect traffic matching DNS addresses to the k8s services' external IPs:

NAME                               TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)                      AGE
service/blazedesk-sdeweb-server    LoadBalancer   10.152.183.215   10.190.26.240   80:31476/TCP,443:31055/TCP   17d

proxy_pass https://10.190.26.240;

As you can imagine, this setup implies lots of manual work, especially if the k8s services are restarted and new IPs are allocated by the MetalLB load balancer.

Is there a simpler way to redirect the traffic from the host directly to a Kubernetes ingress, somehow bypassing the LXC layer?

1

1 Answer

1
votes

I actually made it work with an NGINX ingress controller exposed as a LoadBalancer service, redirecting HTTP and HTTPS traffic from the host, using iptables, to the ingress external IP.
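
A sketch of the host-side forwarding the answer describes, added here as an example and not the answerer's own commands: it validates the ingress IP, scopes the DNAT to one external interface, and prints the iptables rules unless `APPLY=1` is set. The function names, the `APPLY` switch, the interface name and the namespace/service names in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: forward host ports 80/443 to the ingress controller's
# LoadBalancer IP. Dry-run by default; set APPLY=1 (as root) to apply.
# Usage (namespace and service name are assumptions for your cluster):
#   ip=$(kubectl -n ingress-nginx get svc ingress-nginx-controller \
#        -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
#   APPLY=1 sh this-script.sh eth0 "$ip"

# Accept only a dotted-quad IPv4 address with each octet in 0..255, so
# nothing unexpected from the API output reaches the iptables command line.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Apply one rule, or print it in dry-run mode. The -C check makes
# re-runs idempotent instead of stacking duplicate rules.
emit_rule() {
    table=$1; chain=$2; shift 2
    if [ "${APPLY:-0}" = 1 ]; then
        iptables -t "$table" -C "$chain" "$@" 2>/dev/null ||
            iptables -t "$table" -A "$chain" "$@"
    else
        echo "iptables -t $table -A $chain $*"
    fi
}

# forward_to_ingress <external-interface> <ingress-ip>
forward_to_ingress() {
    iface=$1; ip=$2
    valid_ipv4 "$ip" || { echo "invalid ingress IP: $ip" >&2; return 1; }
    for port in 80 443; do
        # Rewrite the destination only for traffic arriving on the external NIC.
        emit_rule nat PREROUTING -i "$iface" -p tcp --dport "$port" \
            -j DNAT --to-destination "$ip:$port"
        # Allow the rewritten connections through the FORWARD chain.
        emit_rule filter FORWARD -d "$ip" -p tcp --dport "$port" -j ACCEPT
    done
}

if [ "$#" -eq 2 ]; then forward_to_ingress "$@"; fi
```

Because only the ingress controller's address is forwarded, the host rules need updating only if that single IP changes, not whenever an application service is recreated.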