Posting this here in case someone else comes across the same issues I had and needs help.
With everything on bare metal in a traditional home network using a router, I wanted to expose apps on the web with only limited points of entry into the cluster (ports 80 and 443 for HTTP and HTTPS traffic respectively), without opening any more ports than necessary and keeping workloads and services safe behind ClusterIP networking (no need to expose ports for workloads and services with NodePort).
None of my nodes have a public IP, only my router does.
Ingress was the answer, as it can route traffic based on different hostnames all the while using the same IP address.
Because the nodes in my cluster were all inside a private home network, there were no straightforward instructions on how to do this.
Additionally, I wanted to use xip.io to generate free URLs for testing purposes that worked over the WWW, but the "Automatically generate a .xip.io hostname" option when adding ingress through the Rancher UI would only work on my local network, not the web.
I banged my head on this for days.
But I finally figured it out and it’s easy as pie.
First, we need to go into the router’s settings and do some port forwarding.
Say your router’s public IP is 126.96.36.199 and you have a node on your cluster whose internal private IP on the home network is
In your router’s settings, forward all port 443 traffic to ports 443 of one of your nodes so that it essentially looks like something like this:
Once that is done, go back to Rancher and click on "Add Ingress" under "Load Balancing".
Unfortunately, "Automatically generate a .xip.io hostname" will still use your node’s private IP in your home network and only work locally.
Instead, you can just select "Specify a hostname to use" and use your public IP with xip.io like so:
Now configure the rest of your ingress. I just leave everything at the defaults for now; I use Service instead of
Now, when navigating to 188.8.131.52.xip.io on your browser, you should be able to access the service you selected in the Ingress you added over the web.
If you want to add other services using xip.io you can, just add subdomains, for example:
It might look like magic, but the way it works is by hostname, so you can literally have any domain name point to the same public IP. Ingress will know where to forward the traffic and which service/workload to use based on the hostname, which I find brilliant.
Lastly, if you want to use an actual domain name: in the DNS settings from your domain name provider, set an A Record that points to your router’s public IP. Using our current example that would be
On Rancher add an Ingress and specify that same domain name.
Same concept. Hope this helps!
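To check Ingress hostnames for the problem described above (an xip.io hostname built on a node's private IP only works on the LAN), and to see how hostname-based routing picks a service, here is an added example that is not part of the original post or of Rancher. The addresses 203.0.113.10 (standing in for the router's public IP) and 192.168.1.50 (standing in for a node's private IP), the service names, and the functions `embedded_ip`, `audit` and `route` are all constructed for illustration.

```python
import ipaddress
import re

# xip.io-style wildcard DNS: "<anything>.<a.b.c.d>.xip.io" resolves to a.b.c.d.
_XIP = re.compile(r"^(?:[a-z0-9.-]+\.)?(\d{1,3}(?:\.\d{1,3}){3})\.xip\.io$")

# Ranges that never route across the internet (RFC 1918, loopback, link-local).
_LAN_ONLY = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def embedded_ip(hostname):
    """Return the IPv4 address an xip.io-style hostname resolves to, or None."""
    m = _XIP.match(hostname.strip().lower().rstrip("."))
    if not m:
        return None
    try:
        return ipaddress.IPv4Address(m.group(1))
    except ipaddress.AddressValueError:  # e.g. an octet above 255
        return None

def audit(rules):
    """Classify each Ingress host: reachable from the web, LAN-only, or not xip.io."""
    report = {}
    for host in rules:
        ip = embedded_ip(host)
        if ip is None:
            report[host] = "not-xip"   # real domain: check its A record instead
        elif any(ip in net for net in _LAN_ONLY):
            report[host] = "lan-only"  # built on a private IP, works only locally
        else:
            report[host] = "internet"
    return report

def route(rules, host_header):
    """Pick a backend as a non-wildcard host rule does: match on the Host header."""
    host = host_header.split(":", 1)[0].lower()  # drop any ":port" suffix
    return rules.get(host)  # None means no rule matched (default backend)

# Constructed sample: Ingress host -> ClusterIP service name (all hypothetical).
RULES = {
    "203.0.113.10.xip.io": "web",
    "blog.203.0.113.10.xip.io": "blog",
    "app.192.168.1.50.xip.io": "app",
    "example.com": "site",
}

if __name__ == "__main__":
    for host, status in audit(RULES).items():
        print(f"{status:9} {host} -> {RULES[host]}")
```

Every hostname in the sample reaches the same forwarded ports on the router; only the Host header decides which service answers, and only the `lan-only` entry fails from outside the home network.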