Ingress Nginx with Metallb

I’ve installed Metallb on my cluster.

Now I would like that my Nginx ingress use it instead of exposing each Nginx pod on node port.

That way I could use the sticky session in it for some project and different paths on the same domain.

Is there a way to configure this that will not break the config of the ingress when I add a new service discovery in the UI?

TL;DR: how to expose the ingress controller on the load balancer?

I use metallb as well, but I use it completely separate from ingresses.
My use case is getting access to services that communicate over TCP or UDP but not http.
For that I create LoadBalancer’s by importing a yaml file.

It would be nice if Rancher had support for LoadBalancers via metallb if it’s a custom cluster.

Anywho if your goal is sticky sessions, that can already be done via the nginx-ingress.

Check out: https://github.com/rancher/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md

What I need, is a single IP adress for the Ingress. I thought I could use metal lb to redirect to the ingress.

I suppose you could do that.

As far as getting rid of the NodePort option, there’s a chance that upgrades would override any changes you made to the DaemonSet, thereby adding the nodeports back in.

But you could just leave the NodePorts there and ignore them.

As to creating a LoadBalancer that forwards to ingress-nginx you could import this which I think would do it:

apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx-loadbalancer
  namespace: ingress-nginx
  labels:
    app: ingress-nginx
spec:
  type: LoadBalancer
  ports:
  - name: http
    port: 80
    targetPort: http
  - name: https
    port: 443
    targetPort: https
  selector:
    app: ingress-nginx

If you really wanted to remove the NodePorts, just edit the yaml of the ingress-nginx DaemonSet and remove the nodeports line from the ports section in the container. I think that would do it, at least until an upgrade happened and overrode your changes. (not sure if they would or not, but I suspect they might)

Also, it should be noted that using a LoadBalancer via MetalLB Layer 2 mode is probably not a good idea, as all your traffic would be running through that LoadBalancer and could become bottlenecked see this for more info.

BGP mode would be fine though!

1 Like