Ancestors

Toot

Written by xan on 2025-01-20 at 16:42

@sushee so...what's your solution for managing DNS zones for sites serviced by K8s ingress endpoints and isn't just torturing CoreDNS or by setting the cluster domain to said zone

=> More informations about this toot | More toots from xan@xantronix.social

Descendants

Written by Su-Shee on 2025-01-20 at 22:27

@xan loadbalancer/dns combo in front of it "pretty domain", switchover, load balancing and so on. if it's at home I believe a lot of people like fabio. at work it's work services :) in aws it's all elb and route53 and alb and what not

=> More informations about this toot | More toots from sushee@fosstodon.org

Written by xan on 2025-01-20 at 22:29

@sushee i'm almost tempted to roll my own thing just for the practice at this point. the hardest thing about K8s is being told to use a thing without really having a full knowledge of the implementation details of said thing

=> More informations about this toot | More toots from xan@xantronix.social

Written by Su-Shee on 2025-01-20 at 22:33

@xan it's also way too many choices so I'm mostly at "I just want to point from a to b dammit" 😂 and: devil, detail so many details. the only piece I look forward to is cilium because ebpf

=> More informations about this toot | More toots from sushee@fosstodon.org

Written by xan on 2025-01-20 at 22:38

@sushee i am by no means married to flannel other than it being the default for me, however, eBPF is a big draw for me too

my dream is to simply delegate authority for a DNS zone to a cluster of nodes to respond authoritatively with appropriate A/AAAA records corresponding to Ingress objects or something. idk. i'm still new at this stuff but understand enough to be dangerous

=> More informations about this toot | More toots from xan@xantronix.social

Written by Su-Shee on 2025-01-20 at 22:41

@xan come kitty kitty kitty some yummy ebpf cni nomnom ;) if you totally want to knock yourself out ;) and then try rook ;)

=> More informations about this toot | More toots from sushee@fosstodon.org

Written by xan on 2025-01-20 at 22:52

@sushee you really have my number don't you

=> More informations about this toot | More toots from xan@xantronix.social

Written by Su-Shee on 2025-01-20 at 22:34

@xan and wait until you have to choose a service mesh and a policy agent ;)

=> More informations about this toot | More toots from sushee@fosstodon.org

Written by Su-Shee on 2025-01-20 at 22:29

@xan k8s inside: ingress, service, gateway, cilium/calico and then outside the lb/dns

=> More informations about this toot | More toots from sushee@fosstodon.org

Written by xan on 2025-01-20 at 22:31

@sushee So I've already deployed a number of things on K3s, with cert-manager even; it's specifically the DNS part I'd love to sort out, so I don't have to care which node an Ingress is instantiated on ahead of setting up cert-manager

=> More informations about this toot | More toots from xan@xantronix.social

Written by Su-Shee on 2025-01-20 at 22:35

@xan then really look at fabio and check if you can find a nice comparison with others

=> More informations about this toot | More toots from sushee@fosstodon.org