Exposing service of Kubernetes in bare metals
Exposing service of Kubernetes in bare metals.
If you tried k3s, k0s etc in bare metals, it is likely you find the ingress is a mess and find yourself lost. After endless search and tries, I think
local proxy combined with nodePort is the easiest solution.
external traffic -> proxy -> nodePort
For the proxy part, nginx and envoy are both good choice. I use envoy because of I need grpc-web.
Pro:
1. do not have to config ingress, which is not mature enough at the moment.
2. if you are migrating from docker-compose or traditional deployment. Your only need to change the proxy address and port. (not learning
ingress config).
3. just work!
Cons:
1. not everything in kubernetes. You either run the proxy as a service in VM or run the service in docker.
2. in kubernetes docs. NodePort is not recommended, because of port range limit, but with external proxy. it is not a problem.
envoy cluster config:
clusters:
- name: app_service
connect_timeout: 20s
type: logical_dns
http2_protocol_options: {}
lb_policy: round_robin
load_assignment:
cluster_name: app-server
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: IP_OF_NODE
port_value: 30009
service template:
apiVersion: v1
kind: Service
metadata:
name: app-server
namespace: your-namespace
labels:
app: app-server
spec:
type: NodePort
ports:
- name: http
port: 9090
targetPort: 9090
nodePort: 30009
selector:
app: app-server
---