Hey everyone! I'm looking for some advice on exposing services in Kubernetes using Cloudflare and an ingress controller. I've followed a reference guide but I'm still not having much luck, and I can't seem to find any logs that explain the issue. If anyone has experience with this setup, I'd love to hear your tips or insights!
5 Answers
I implemented this at my company, and it works great! We have a cloudflared deployment for each K8s cluster, which configures tunnels via a configmap. Just set up your DNS in CloudFlare to point to the correct tunnels. Plus, consider the zero trust option if you want to restrict access instead of opening everything up.
I've got a home cluster that's using a private ingress along with cloudflared, and it's working flawlessly! If you set it up correctly, it should be straightforward to access your services from the internet without issues.
Check out the GitHub repo for the Cloudflare operator; it might be what you need. However, just a heads up, it seems like there might be some confusion with K8s and DNS fundamentals. The author might need a LoadBalancer type service upfront to handle the DNS. I'd recommend using ExternalDNS with the Cloudflare plugin to make it easier to manage DNS records. You’ll need to use a Cloudflare API token for that.
I’m not completely sold on that suggestion. It seems like the initial setup might need adjusting. Maybe start with ExternalDNS, but you also need to double-check the basics of K8s and DNS connection.
Oh, I see what you’re getting at with DNS! Getting that right is definitely key to making sure everything functions properly.
You might want to stick to the article you’re following but skip the external DNS step. Just install an ingress controller and set up your ingress resources. Make sure to add your ingress controller details in the cloudflared values.yaml file, and it should route correctly. Don't sweat the annotations, just focus on getting the tunnel and service names right.
That’s a solid plan! I have a similar setup, but updating the configmap for each new endpoint can be a hassle. I wonder if automating it with ArgoCD could help streamline things.