After a couple of days I got everything working as I expected. This is the list of the main tools I put together:
- K3s (lightweight Kubernetes implementation, best for IoT devices)
- MetalLB (load balancer handler)
- Traefik v2 (Automatic & dynamic routing)
About K3s and MetalLB: by default K3s installs KlipperLB, a very simple load balancer. In my case, when I installed this blog I found that all logs showed the pods' internal IPs and not the visitors' data. MetalLB fixes this problem by letting you pass this information through; we will see how this works in this post.
The best place for docs is their website https://rancher.com/docs/k3s/latest/en/installation/install-options/
No special steps are needed, except that we need to disable servicelb and traefik. This is the line I'm using for this:

```sh
# Install K3s without the bundled load balancer (servicelb) and ingress controller (traefik)
curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--write-kubeconfig-mode 644 --disable servicelb --disable traefik" sh -
```
As with K3s, the MetalLB website has excellent docs: https://metallb.universe.tf/
I'm using this behind a normal router, so I'm using layer2 for the config. You can use a config like the following:

```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: metallb-system
  name: config
data:
  config: |
    address-pools:
    - name: default
      protocol: layer2
      addresses:
      - 192.168.1.240-192.168.1.250
```

A critical point to understand is the address range that you need to configure. Here, for example, we're using 192.168.1.240-192.168.1.250, meaning that our DHCP needs to have that range as part of its addresses.
For this example, our DHCP needs to work for 192.168.1.1 to 192.168.1.250, and to define the MetalLB range we need to know a portion of that range that we're not using, for example 192.168.1.240-192.168.1.250.
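
The check below is an added example, not code from the original post or from MetalLB: it verifies that a MetalLB `addresses` entry lies inside the LAN subnet and does not cover any address already held by a device. The `192.168.1.0/24` subnet and the in-use list are assumptions; in practice the list would come from the router's lease table.

```python
import ipaddress

def parse_pool(spec):
    """Turn a MetalLB 'addresses' entry (start-end range or CIDR) into (first, last)."""
    spec = spec.strip()
    if "-" in spec:
        start, end = (ipaddress.ip_address(p.strip()) for p in spec.split("-", 1))
        if start.version != end.version or start > end:
            raise ValueError(f"invalid range: {spec}")
        return start, end
    net = ipaddress.ip_network(spec, strict=False)
    return net[0], net[-1]

def check_pool(spec, lan_cidr, in_use):
    """Return a list of problems; an empty list means no conflict was found."""
    first, last = parse_pool(spec)
    lan = ipaddress.ip_network(lan_cidr)
    if first not in lan or last not in lan:
        return [f"{spec} is not fully inside {lan}"]
    problems = []
    # The LAN's own network and broadcast addresses are not usable host addresses.
    for reserved in (lan.network_address, lan.broadcast_address):
        if first <= reserved <= last:
            problems.append(f"{spec} covers reserved address {reserved}")
    # Any address already held by a device would conflict with a service IP.
    taken = (ipaddress.ip_address(a) for a in in_use)
    for addr in sorted(a for a in taken if a.version == first.version):
        if first <= addr <= last:
            problems.append(f"{addr} is already in use inside {spec}")
    return problems

if __name__ == "__main__":
    LAN = "192.168.1.0/24"                    # assumed LAN subnet
    POOL = "192.168.1.240-192.168.1.250"      # pool from the ConfigMap above
    IN_USE = ["192.168.1.1", "192.168.1.20", "192.168.1.245"]  # constructed sample
    for line in check_pool(POOL, LAN, IN_USE) or ["pool is free"]:
        print(line)
```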
You need to follow a normal installation for Kubernetes; you can use Helm or Kustomization (I recommend this, it's simpler to maintain).
You can see the docs at https://docs.traefik.io/
Checking all from outside
The trick is to understand what to expose, and how to expose Traefik in our cluster to the public.
Any service we want to access from outside must be:
If you need to pass through visitor data, for example the IP, the LoadBalancer needs to have this setting:
For example, if we want to create a service exposing port 80 as a load balancer and pass the visitor IP to our pods:
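
```yaml
---
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: LoadBalancer
  # Local keeps the visitor's source IP instead of replacing it with a cluster-internal one
  externalTrafficPolicy: Local
  ports:
    - port: 80
      name: web
      targetPort: "web"
      protocol: "TCP"
```
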
I hope this post helps others trying to set up these tools; it took me a couple of days to understand how to make it all work in one cluster.
One good thing I found is Kustomization; it is a much better tool than Helm, in my opinion.