Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Design and implement an ingress networking solution #19

Open
mischavandenburg opened this issue Dec 19, 2024 · 2 comments
Open

Design and implement an ingress networking solution #19

mischavandenburg opened this issue Dec 19, 2024 · 2 comments
Labels
infrastructure

Comments

@mischavandenburg
Copy link
Owner

The VM needs to be accessible from the internet as we are hosting public endpoints.

Investigate:

Do we need to use an Azure Load Balancer for this?

Or can we use the VM Public IP address?

When we use the VM Public IP address directly, we will need:

NSG's for the subnet that the VM is in to allow traffic to reach the Ingress Controller for k3s (Traefik)
@ams0
Copy link

ams0 commented Dec 21, 2024

My suggestion:

  • stay away from built-in Traefik or any old-skool ingresses, and go with Envoy Gateway or Istio Ambient mode
  • Even a single VM cluster can leverage Loadbalancer-type services if you deploy the Azure Cloud Controller Manager. Here's my sample repo (from a couple years back but I think still valid): https://github.com/ams0/k3s-azureccm

@mischavandenburg
Copy link
Owner Author

Thanks for the suggestion @ams0 !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
infrastructure
Projects
Phase 0 - So It Begins
Status: No status
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ams0 @mischavandenburg