What are the best solutions to replace kubernetes port-forward

I am working on rancher server, k3s to improve my knowledge on these solutions.

I want to expose container services on LAN network, this is why I used kubectl port-forward.

kubectl port-forward --namespace=ns-name --address LAN-IP service/hello 30104:8080

But I can see in several web resources that is not a reliable solution, just for local testing purpose.

I tried to replace them by ingress but I am a bit lost between ingress, DNS and nginx-ingress in addition to rancher component.
I understood than load balancer need a cloud provider, to have a public IP for instance, and handle the <pending> state of load balancer.

Can you highlight me on how replace port-forward in LAN without a cloud provider?

I don’t think this is considered the best way, but I have an haproxy host outside my Kubernetes cluster with a wildcard DNS pointed at it and it then points everything at the worker nodes (which are RKE2 so all have nginx-ingress-controller by default) in round robin. Then ingress can be set with any hostname within the wildcard DNS and it gets through.

There are a lot of other solutions, though.

Same here, but without any ingress services, and unique fqdns on hap, not *.

You could technically put the hostnames you want to test in your local hosts file (/etc/hosts on *NIX and Windows has one too in something like C:\Windows32\CONFIG…\hosts) pointing to your haproxy and still set up the ingresses the same way. If you don’t have admin on your box if you have a VM you could try from there or even boot from a live CD/DVD.

You do need an ingress controller set up in such a way your haproxy points to still, but that’d get around your DNS issue for testing anyway and you could go through requesting actual DNS entries later.


First all all Hi, i missed it in my first post (bad use from stckovflw).

I answer late because i had to learn some sub concept. Now i want to add some informations, first to expose my need more precisely , and second to understand what you purpose.

  • Expose my need more precisely

My needs is to replace kubectl port-forward

  1. understand what are ways to replace
  2. check if HAproxy, MetalLB or simple DNS server answer my need
  3. [edit] understand why i can forward from host machine with kubectl but why i need another entities to forward from oustide the host machine
  4. finally understand what are the blurred network or other concepts that are away from my knowledge


  • Understand what you purpose

I tried to understand how HAProxy, MetalLB or others can be serve my need but some concept are still blurred.

  1. does an HAproxy container can replace port-forward with this new informations
  2. can it be in a container ?

I would have to write some other questions but i don’t want to go in every direction.

Thank for your time,
Best regards

Well, there are several things to say and it depends on what you want.

  1. If you want to refer to things via a hostname rather than an IP, then you need DNS. If you are fine with IPs you can skip DNS.
  2. To use an ingress, you need an ingress controller running. RKE2 runs one by default and I assume k3s does too but I haven’t used it and you might want to verify.
  3. An ingress is used to map a Kubernetes service to some hostname and/or IP and/or port and/or URL path.
  4. A network request for the resource has to get to a load balancer (external like HAProxy or internal like MetalLB) or an ingress controller node with the request matching the ingress rule. You can do that in a lot of ways (if you use a wildcard DNS to a load balancer then you can use hostnames, regardless you can use ports or paths, so in the simplest case if you have an ingress controller running on node listening on port 80 & 443, then you can set an ingress for the path so that /service1 points to your service and then access it with (or https).

You’re going to need to look at the concepts and decide what meets your needs and makes the most sense for you. Hope that helps.