Traefik, metallb, k8s. Can multiple ip address be pulled under one traefik instance?

TimMeade · July 13, 2021, 9:42pm

So i have been playing with this over the last 6 months or so, and just spent about 3 days with the latest blog posts and versions of everything.

Latest of all software as of July 2021....

I have metallb and traefik installed pulling TLS from cloudflare.

When spun up everything works except one very small issue.

The metallb issues an IP (alternates between public ip group and private ip group in config. This is small issue, we want to specify which pool to draw from).

The traefik will route either web or websecure entries no problem. If websecure trafefik and cloudflare issue the correct cert and all good except everything must go through the external IP on the traefik service.

So the root question is; Can we use the metallb to issue new loadbalancer services and then have them route to the same traefik instance and all will have different IPs. Some external some private

traefik is in traefik namespace. metallb in metallb-system namespace. We are working in default namespace.

Step 1 - Deploy

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    run: nginx
  name: nginx-full
spec:
  replicas: 1
  selector:
    matchLabels:
      run: nginx-main-full
  template:
    metadata:
      labels:
        run: nginx-main-full
    spec:
      containers:
        - image: nginx
          name: nginx
          ports:
            - containerPort: 80

Step 2 is the expose below.

This WORKS just fine. But everything is going through one external IP on the traefik service.

k expose deploy nginx-full --port 80

When I do this by using (does not work);

kubectl expose deploy nginx-full --type=LoadBalancer --port 80,443

Everything looks correct. A new service appears with a new IP. The route appears in the dashboard. nothing really in logs. But the website never responds. It's like the router is not getting to the end service.

Step 3 (for both services)(note: we own local.dev so this generates valid cert for us)

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: nginx-deploy-full
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`full-priv.local.dev`)
      kind: Rule
      services:
        - name: nginx-full
          port: 80
  tls:
    certResolver: letsencrypt

Thoughts? I'm guessing it is something incredibly simple that I have missed somewhere.

Much thanks.....

Topic		Replies	Views
Using multiple metallb IP address pools with Traefik Traefik v2 kubernetes-ingress	2	2464	February 26, 2023
Using Traefik as Ingress on different MetalLB loadbalancerIP? Traefik v2 kubernetes-ingress	6	9220	January 10, 2023
Using multiple Traefik Load balancer services with different IPs Traefik v2 rancher , kubernetes-ingress	0	3649	August 28, 2023
Traefik using old metallb ip address Traefik v2 kubernetes-ingress	0	421	January 17, 2023
Connection to backend service times out when running multiple Traefik pod instances Traefik v2 kubernetes-crd , kubernetes-ingress , ping , tcp	1	1854	December 23, 2020

Traefik, metallb, k8s. Can multiple ip address be pulled under one traefik instance?

Related topics