
How can I use a Kubernetes ingress provider to route HTTP traffic to a workload running on the same network as my kube nodes?

I run most of the workload of my homelab on Kubernetes and use the Traefik ingress controller to route HTTP traffic to the individual services. This allows me to open only ports 80/443 on my firewall. In addition to my services running on Kubernetes, I have a few workloads running on bare metal, such as Proxmox or a NAS solution. They also expose an HTTP interface which I wish to access from outside my firewall, going through the already open ports.

I tried using the ExternalName service type and mapping it to an IP of the type 192.168.*.*, but the resulting CNAME response is no longer valid when making requests from an outside network. I also tried configuring a headless service and adding an EndpointSlice like this:

apiVersion: v1
kind: Service
metadata:
  name: proxmox
spec:
  ports:
    - protocol: TCP
      port: 8006
      targetPort: 8006

---
apiVersion: discovery.k8s.io/v1
kind: EndpointSlice
metadata:
  name: proxmox-slice # by convention, use the name of the Service
                     # as a prefix for the name of the EndpointSlice
  labels:
    kubernetes.io/service-name: proxmox
addressType: IPv4
ports:
  - name: '' # empty because port 8006 is not assigned as a well-known
             # port (by IANA)
    appProtocol: http
    protocol: TCP
    port: 8006
endpoints:
  - addresses:
      - "192.168.1.150"

A last option I can see is to create an artificial Kubernetes-native service running some kind of TCP port forwarder (like socat, for instance), but that seems pointlessly complex.

Remy Moll

0 Answers