On Premise Ingress Setup

Configuring Ingress for on-premise installations

After installing an on-premise Kubernetes cluster you may need to expose it to the external world to serve incoming requests.

Kubernetes API Server is configured to serve incoming requests on port 443. For user traffic, Kublr exposes the following ports:

  1. 30080 — HTTP traffic
  2. 30443 — HTTPS traffic

You will need to configure your traffic to be redirected to these ports. If you use a software load balancer like HAProxy, then your configuration (/etc/haproxy/haproxy.cfg) may look like this:


frontend workload
    bind 192.168.31.204:443
    bind 127.0.0.1:443
    mode tcp
    option tcplog
    default_backend workload

backend workload
    mode tcp
    option tcplog
    option tcp-check
    balance roundrobin
    default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
        server node1 192.168.31.201:30443 check
        server node2 192.168.31.202:30443 check
        server node3 192.168.31.203:30443 check

This configuration will accept traffic on 192.168.31.204:443 and will forward requests to three servers (node1, node2, node3) using round robin balancing. Additional configuration options are described in HAProxy Configuration Manual


Questions? Suggestions? Need help? Contact us.