#k3s

lively-night-78214

12/08/2022, 5:09 AM
Looking at the architecture on https://docs.k3s.io/architecture#single-server-setup-with-an-embedded-db to try and understand really where the load balancer sits and operates from. My understanding is that servers actually run Traefik and this acts as the load balancer. I am planning to use a single server so I would like to understand if I actually need to spin my own load balancer solution, how and if not if indeed the loadbalancer is actually within the Server Node

creamy-pencil-82913

12/08/2022, 10:11 AM
this one?
all the nodes can run traefik
by default only a single replica is requested

lively-night-78214

12/08/2022, 10:11 AM
oh actually you answered
ok
so if i point an application domain

creamy-pencil-82913

12/08/2022, 10:12 AM
but the LoadBalancer is accessible on all the nodes

lively-night-78214

12/08/2022, 10:12 AM
let's say my amazing app ... and run it on this k3s cluster
where should the DNS point

creamy-pencil-82913

12/08/2022, 10:12 AM
so just point it at 80/443 on all the nodes

lively-night-78214

12/08/2022, 10:12 AM
to node(s) or to server(s)
ok so nodes, not server

creamy-pencil-82913

12/08/2022, 10:13 AM
Traefik creates a LoadBalancer Service on 80/443. ServiceLB in turn forwards 80/443 on all the nodes to your Traefik pod (wherever it is) to expose that Service

lively-night-78214

12/08/2022, 10:14 AM
great, more complex than what I used to use but these days it looks like I can't do it without Kubernetes
I think I will experiment more today and maybe look up a k3s intro video on YouTube
or something

creamy-pencil-82913

12/08/2022, 10:15 AM
ServiceLB is actually pretty simple. Without it you would need to muck about with Kube-vip or metallb or something

lively-night-78214

12/08/2022, 10:15 AM
and each app deployment can deploy its LB, right?
i.e. even if I run multiple apps on the same 80/443 ports
interesting how some names in labelling still use cattle naming

creamy-pencil-82913

12/08/2022, 10:19 AM
You can only use a port on a single service. If you try to use the same port for another service it will hang in pending until the other thing using the port goes away
If you want to have multiple domains or something behind a single host, the normal way to do that would be to use an Ingress resource to describe the routing of the request to a cluster service based on the hostname
So a.foo.com goes to service A, b.foo.com goes to service B

lively-night-78214

12/08/2022, 10:21 AM
ok so I indeed need an ingress

creamy-pencil-82913

12/08/2022, 10:25 AM
you have an ingress controller in Traefik. you need to create ingress resources to tell it how to forward requests to your services.

lively-night-78214

12/08/2022, 10:26 AM
I remember ingress indeed. I had no clue though of this difference between Service LB and Ingress
again thank you
time to play a bit more

creamy-pencil-82913

12/08/2022, 10:27 AM
Services are layer 3, Ingresses are layer 7.
You need both for things to work, if you’re doing it right

lively-night-78214

12/08/2022, 10:31 AM
I think I will need to spend some time around these pages once I fix this TLS issue
one of the other problems once I work this out is converting my Rancher 1.x apps to k3s

creamy-pencil-82913

12/08/2022, 10:35 AM
oh yeah, 1.x is basically docker on steroids right? that's before my time.

lively-night-78214

12/08/2022, 10:47 AM
Lol yes it is but you don't need to mess around more inception and other contexts that k8s brings
I still don't know how I will achieve parity
I am a bit reluctant to switch from docker-compose to anything else