Ingress Nginx with Metallb

ml2 · October 4, 2018, 9:42pm

I’ve installed Metallb on my cluster.

Now I would like that my Nginx ingress use it instead of exposing each Nginx pod on node port.

That way I could use the sticky session in it for some project and different paths on the same domain.

Is there a way to configure this that will not break the config of the ingress when I add a new service discovery in the UI?

TL;DR: how to expose the ingress controller on the load balancer?

kabaldwin · October 11, 2018, 1:48pm

I use metallb as well, but I use it completely separate from ingresses.
My use case is getting access to services that communicate over TCP or UDP but not http.
For that I create LoadBalancer’s by importing a yaml file.

It would be nice if Rancher had support for LoadBalancers via metallb if it’s a custom cluster.

Anywho if your goal is sticky sessions, that can already be done via the nginx-ingress.

Check out: https://github.com/rancher/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md

ml2 · October 18, 2018, 4:02pm

What I need, is a single IP adress for the Ingress. I thought I could use metal lb to redirect to the ingress.

kabaldwin · October 18, 2018, 8:31pm

I suppose you could do that.

As far as getting rid of the NodePort option, there’s a chance that upgrades would override any changes you made to the DaemonSet, thereby adding the nodeports back in.

But you could just leave the NodePorts there and ignore them.

As to creating a LoadBalancer that forwards to ingress-nginx you could import this which I think would do it:

apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx-loadbalancer
  namespace: ingress-nginx
  labels:
    app: ingress-nginx
spec:
  type: LoadBalancer
  ports:
  - name: http
    port: 80
    targetPort: http
  - name: https
    port: 443
    targetPort: https
  selector:
    app: ingress-nginx

If you really wanted to remove the NodePorts, just edit the yaml of the ingress-nginx DaemonSet and remove the nodeports line from the ports section in the container. I think that would do it, at least until an upgrade happened and overrode your changes. (not sure if they would or not, but I suspect they might)

Also, it should be noted that using a LoadBalancer via MetalLB Layer 2 mode is probably not a good idea, as all your traffic would be running through that LoadBalancer and could become bottlenecked see this for more info.

BGP mode would be fine though!

Topic		Replies	Views
How to use metallb and nginx ingress with rke Rancher 2.x	1	9621	February 25, 2021
Rancher Loadbalancer for workloads best practices	5	365	April 17, 2023
Ingress with MetalLB. Best Practice for directing internet traffic from one port to multiple services Rancher 2.x	1	1109	September 2, 2019
Service with type NodePort Rancher 2.x	4	5319	May 29, 2018
Ingress understanding	1	538	April 22, 2020

Ingress Nginx with Metallb

Related Topics