Using a Microk8s Kubernetes Ingress as a Reverse Proxy for External Web Servers

Fairly early in the Kubernetes journey you are told about Ingress Controllers. They take an incoming connection (usually HTTP or HTTPS) and direct it to one or more services based on the path referred to in the incoming connection. In the case of the NGINX Ingress Controller it is literally a reverse proxy that is used as a frontend for services.

If you happen to need a reverse proxy (for example to provide authentication for your Let's Encrypt SSL certificate automatic renewal) it looks tantalisingly like it should be easy to do this from your Microk8s cluster. And with the benefit of MetalLB (Bare metal Load Balancer) it should be possible for this to keep working if one of the nodes should fail.

This turned out to be far harder than expected. Only by combining a lot of separate examples and parts was it possible to accomplish this. Furthermore, this functionality is only really intended for use while you are in process of migrating an external service into a Kubernetes cluster.

Read More...

Debugging Kubernetes

Sometimes the easiest way to understand what is happening in Kubernetes is just to have a pod that runs Linux … a general Linux … Ubuntu will do nicely.

A big shout out to Tim Downey for this article (https://downey.io/notes/dev/ubuntu-sleep-pod-yaml/) that lets you create a pod which you can exec and then just add the tools you need to to figure out what is going on from the inside of your cluster when it doesn't make sense from the outside. Read More...

Kubernetes Ingress and Externals

My microk8s decided to update its Ingress component. While trying to be helpful this actually disabled my redirections to internal web sites. The reason for the failure was that the syntax for configuring the externals has changed. Read More...