I have a homelab with two HP 180DL G6. On each of them are one Kubernetes master node and 3 worker nodes running. On one there is a virtual machine with OpnSense.
I have one management vlan where the physical machines sit. One server vlan where the virtual machines for the worker and master nodes sit. And one dmz vlan. And there is my problem. What is the best setup for offering services in the dmz? Adding worker nodes to the dmz vlan? Then I have to configure the firewall for the communication with the master nodes which I don’t like. Adding the vlan to all the worker nodes, and simply adding the adress pool to metallb? Or another whole new cluster in the dmz with kubespray.
Thank you for your input.