Which node should I map the external (public) IP to?

hinewwin · May 15, 2019, 11:32pm

Hello, I am planning on deploying Kubernetes cluster on to our vsphere environment using Kubespray.

I have not deployed yet and I am currently in the process of architecting the network.

Due to the type of business I am in, I need isolation between networks and I have created 3 VLANs for this purpose.

VLAN100 (public, internet access)
- purpose : use to serve containers that are consumer facing (i.e. web frontend, api frontend)
- Internet is allowed (both IN/OUT) and can map external public IP address to computers in this VLAN
VLAN101 (private, no internet access)
- purpose : database. computer’s in VLAN100 (i.e. frontend) can get data from VLAN101.
- No internet is allowed
VLAN102 (private, no internet access)
- purpose : management - use to serve all management related (i.e. puppet server, backup solution, etc…)
- No internet is allowed. VLAN100 and VLAN101 can talk to VLAN102

In this case, where should I put Kubernetes-Master and Nodes? Does external traffic goes directly to Nodes? or Master?

Thank you very much

Topic		Replies	Views
Network isolation requirement General Discussions	4	616	August 13, 2020
External access to services in cluster on VPS nodes with public IPs General Discussions loadbalancer , metallb , network	0	315	June 1, 2024
Ip address of kubernetes cluster for firewall General Discussions	2	1410	November 11, 2018
Kubernetes behind pfSense General Discussions	9	9801	May 7, 2020
Work node join cluster by public IP General Discussions	10	5861	November 2, 2019