https://github.com/anande/gitops

journey towards self hosting opensource gitops tech
https://github.com/anande/gitops

argo cert-manager crossplane excalidraw gitea gitea-actions grafana harbor helm keycloa kubernetes kustomize loki metallb minio nginx prometheus

Last synced: 3 days ago
JSON representation

journey towards self hosting opensource gitops tech

• Host: GitHub
• URL: https://github.com/anande/gitops
• Owner: anande
• Created: 2025-01-19T15:39:29.000Z (about 1 year ago)
• Default Branch: master
• Last Pushed: 2025-02-19T16:10:03.000Z (about 1 year ago)
• Last Synced: 2025-02-19T17:24:13.590Z (about 1 year ago)
• Topics: argo, cert-manager, crossplane, excalidraw, gitea, gitea-actions, grafana, harbor, helm, keycloa, kubernetes, kustomize, loki, metallb, minio, nginx, prometheus
• Language: Smarty
• Homepage:
• Size: 3.72 MB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 5
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
To configure two services in different namespaces within the same k3d cluster to use Traefik as an Ingress controller, while ensuring they have different external IPs, follow these steps:

## Overview

Traefik typically uses a LoadBalancer service type, which may assign the same external IP to multiple services if they share the same Ingress class and configuration. To achieve distinct external IPs for different services, you can utilize MetalLB in conjunction with Traefik to manage multiple external IPs.

## Step-by-Step Guide

### Step 1: Install MetalLB

1. **Install MetalLB**:

   First, you need to install MetalLB in your k3d cluster. You can do this by applying the MetalLB manifest:

   ```bash

   kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.7/manifests/namespace.yaml

   kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.7/manifests/metallb.yaml

   ```

2. **Configure MetalLB**:

   Create a ConfigMap for MetalLB to define the IP address pool it can use. Replace `` with a range of IPs you want to allocate (e.g., `192.168.1.200-192.168.1.250`).

   ```yaml

   apiVersion: v1

   kind: ConfigMap

   metadata:

     namespace: metallb-system

     name: config

   data:

     config: |

       layer2:

         addresses:

           - 

   ```

   Apply this configuration:

   ```bash

   kubectl apply -f your-configmap.yaml

   ```

### Step 2: Configure Traefik with Multiple Services

1. **Create Ingress Resources**:

   Create separate Ingress resources for each service in their respective namespaces, specifying different hostnames.

   Example for Service 1 (`service1.yaml`):

   ```yaml

   apiVersion: networking.k8s.io/v1

   kind: Ingress

   metadata:

     name: service1-ingress

     namespace: namespace1

     annotations:

       kubernetes.io/ingress.class: "traefik"

   spec:

     rules:

       - host: service1.local

         http:

           paths:

             - path: /

               pathType: Prefix

               backend:

                 service:

                   name: service1

                   port:

                     number: 80

     tls:

       - hosts:

           - service1.local

         secretName: service1-tls-secret  # Ensure you have created this TLS secret if needed.

   ```

   Example for Service 2 (`service2.yaml`):

   ```yaml

   apiVersion: networking.k8s.io/v1

   kind: Ingress

   metadata:

     name: service2-ingress

     namespace: namespace2

     annotations:

       kubernetes.io/ingress.class: "traefik"

   spec:

     rules:

       - host: service2.local

         http:

           paths:

             - path: /

               pathType: Prefix

               backend:

                 service:

                   name: service2

                   port:

                     number: 80

     tls:

       - hosts:

           - service2.local

         secretName: service2-tls-secret  # Ensure you have created this TLS secret if needed.

   ```

### Step 3: Assign External IPs

To assign different external IPs to each Ingress resource, modify the Traefik service to use specific external IPs.

1. **Edit Traefik Service**:

```yaml

apiVersion: v1

kind: Service

metadata:

  name: traefik-service

  namespace: kube-system  # Adjust based on your setup.

spec:

  type: LoadBalancer

  selector:

    app: traefik  # Ensure this matches your Traefik deployment.

  ports:

    - port: 80

      targetPort: 80

    - port: 443

      targetPort: 443

  externalIPs:

    - 

    - 

```

### Step 4: Update `/etc/hosts`

To access your services via their hostnames, add entries to your `/etc/hosts` file:

```

 service1.local

 service2.local

```

### Step 5: Verify Configuration

Check that both services are accessible via their respective hostnames and that they respond correctly.

```bash

kubectl get ingress --all-namespaces

```

This setup allows you to use Traefik with multiple services in different namespaces while ensuring they have distinct external IPs by leveraging MetalLB's capabilities within your k3d cluster.

Citations:

[1] https://community.traefik.io/t/using-multiple-traefik-load-balancer-services-with-different-ips/19654

[2] https://community.traefik.io/t/accessing-the-cluster-with-ingressroute/1809

[3] https://stackoverflow.com/questions/68547804/how-to-expose-two-apps-services-over-unique-ports-with-k3d

[4] https://community.traefik.io/t/usage-of-publishedservice-in-externalip-setup/9971

[5] https://forums.rancher.com/t/running-k3s-with-traefik-on-a-second-entwork-interface/39163

[6] https://k3d.io/v5.1.0/usage/exposing_services/

[7] https://github.com/k3d-io/k3d/issues/960

[8] https://docs.rancherdesktop.io/how-to-guides/traefik-ingress-example/