Internal resolution of gateway
from xana@lemmy.zip to selfhosted@lemmy.world on 05 Jul 15:34
https://lemmy.zip/post/67369911

Hello fellow TCP users,

I am moving my homelab from Docker to Kubernetes (because I have nothing to do with my homelab anymore) and I am having an issue with services that need to be accessible both within the cluster and from the outside world on the same hostname.

For example, suppose you have two pods, A and B, which are accessible via the Gateway with hostnames a.example.com and b.example.com respectively. Pod A also needs to contact Pod B, so there are two ways to do this:

In the Docker case, I can just set the alias of my reverse-proxy container to b.example.com and it is done. I am wondering whether there is anything I can do to get the traffic to go from pod A -> the gateway -> pod B in Kubernetes. Also, is this a common issue or not? I don’t see a lot of articles about this issue on the internet :/

Thank you very much!

#selfhosted


curbstickle_lw@lemmy.world on 05 Jul 17:35

I just use an internal proxy with the same endpoint and same cert.

tburkhol@slrpnk.net on 05 Jul 17:44

Dunno how well it would work with Kubernetes internal networks, but my DNS is configured with different views for internal and external clients. So, when letsencrypt does a lookup, they get the external IP, but when an internal client looks up the same name, they get the internal IP. TLS is happy, because the certificate matches the name. I’m happy because it works even when the ISP is down.

frongt@lemmy.zip on 05 Jul 17:55

Run a local DNS server with local records.
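
The split-horizon idea from the replies above, applied to the cluster's own DNS, as an added example that is not part of the thread. It assumes the cluster DNS is CoreDNS with its Corefile in the `coredns` ConfigMap in `kube-system` (the kubeadm layout); the Service name `gateway` and namespace `gateway-system` are hypothetical placeholders for the Service in front of the Gateway.

```yaml
# Added example, not from the thread.
# Assumption: CoreDNS serves cluster DNS and reads this ConfigMap.
# Assumption: "gateway" / "gateway-system" are placeholder names for the
# Service that fronts the Gateway; substitute the real ones.
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        health
        ready
        # In-cluster "view": pods asking for the public hostnames are
        # answered with the gateway Service's ClusterIP, so the path is
        # pod A -> gateway -> pod B without leaving the cluster.
        # External clients never query this resolver and still get the
        # public address from public DNS.
        rewrite name a.example.com gateway.gateway-system.svc.cluster.local
        rewrite name b.example.com gateway.gateway-system.svc.cluster.local
        kubernetes cluster.local in-addr.arpa ip6.arpa {
            pods insecure
            fallthrough in-addr.arpa ip6.arpa
        }
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
```

Because the gateway still terminates TLS with the certificate issued for b.example.com, pod A can keep normal certificate verification enabled. The gateway Service has to expose the same port internally that clients use externally, since DNS only changes the address, not the port.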