MMiles
Posts Categories
MMiles

Contents

Ingress in the Raspberry Pi Cluster

 included in Tech
   446 words   3 minutes 

Accessing services running within the Raspberry Pi Cluster

Introduction

After deploying a few demo services in the Pi Cluster, I wanted to figure out how I could access them outside the cluster.

At the moment, this is still limited to access within the local network. It doesn’t yet cover hosting services that can be reached by machines outside my home network or using DNS.

Ingress Controllers

This video gives a good intro to ingress in bare metal clusters:

https://www.youtube.com/watch?v=k8bxtsWe9qw

The Ingress Controllers manage the Ingress resources, which are just config that states what internal cluster services/apps an external client should be routed to when they go to certain addresses.

K3s comes with the Traefik ingress controller out the box, but the nginx-ingress-controller is an alternative.

MetalLB

By default, the Traefik Ingress Controller created in the Pi cluster will be given the same external IP address as the master node.

MetalLB allows Ingress Controllers to be assigned different IPs (still within home network range).

I have installed it via the manifests rather than Helm (see the manifests/metallb/metallb-native.yaml file in this repo.

You also need to create a IpAddressPool, which defines which IPs in the local network can be assigned by MetalLB. I have chosen 192.168.0.100 - 192.168.0.120. Lastly, you need to create a L2Adverstisement.

The video above gives a good tutorial on how to install MetalDB in the cluster.

The image below shows the Traefik Ingress controller in the cluster. It has a type “LoadBalancer”, and that external IP was assigned by MetalLB.

/load-balancer.jpg

Accessing a Service

To demonstate access, I have created a homeassistant service to the cluster. The manifests are also stored in this repo.

It creates a service called homeassitant-service, and among other things also creates an Ingress resource which routes traffic to homeassistant.local to this service.

There are a few other quirks of getting homeassistant to run in the cluster (namely the addition of trusted proxies in /config/configuration.yaml), which are better explained in this article:

https://jaygould.co.uk/2024-01-01-setting-up-home-assistant-kubernetes-k3s/

You can then access the homeassistant service a few ways:

  • Port-forwarding the pod to localhost, and then accessing localhost from browser
  • Finding the homeassistant pod IP, and typing that into browser with port 8123. The pod IP will be the same as one of your Pi node IPs
  • Opening /etc/hosts/ on the machine you want to access from. The machine can be outside the cluster (e.g. not one of the Pis), but it must be connected to the same local network. Inside /etc/hosts/, you can add a new mapping:
    • <ip_of_ingress_controller> homeassistant.local
    • For homeassistant, this will also only work once you’ve added the IPs of all your Pis to /config/configuration.yaml in the HA pod as well (see article above)
Updated on 2024-12-06
Back | Home