pieterlange
commented
7 years ago You could actually set the openvpn-ingress Service to use Type: LoadBalancer, which will automatically create a cloud loadbalancer for you, but as you'd still need to point the DNS entry to this loadbalancer i'd rather leave this up to the cluster operator.
I'm not aware of a "default" way to setup these DNS entries but i'm sure some standard will develop Soon :tm:. :) At that point i'm willing to make more/better default choices for users, but currently i think it's best to leave the project as configurable as possible.
Edit: depending on your cloud platform, with my default suggestion of using TCP hostPort there's actually no problem scaling the cluster size, updating etc. With AWS (and https://github.com/coreos/kube-aws) i can simply point the ELB to the ASG on the hostPorts. This will incur an extra TCP hop in most cases, but with the new nodepool feature you could have a specific nodepool (=ASG) for handling ingress (VPN, nginx-ingress, <...>) traffic.
The README states:
Is there no way to bring this into kubes itself? I hate having to then maintain something manual that won't automatically fix itself if I had more nodes, update the cluster, etc, this would be a huge problem.
I'm not sure if it's just that I'm too inexperienced with Kubes to know better but I feel like this must be possible. I am guessing because there's a service
openvpn-ingressyou can't point another service at it?