Best Practise to expose SSH

what is the best way to expose SSH to the Outside? I use nginx as ingress controller, in front oft my Ingress Controllers I have a LoadBalancer which runs under HAProxy. Now I have gitlab running inside my Kubernetes Cluster and wan’t to expose Port 22 for SSH usage, is it possible to expose it with nginx-ingress, or do I have to expose it directly via NodePort and send all traffic which comes for Port 22 via the LoadBalancer and redirect them to the NodePort?

My inclination would be to rely on a Service with type set to LoadBalancer. Ingresses seem to fall short for anything that isn’t HTTP based traffic.

1 Like