|
|
|
|
|
|
by nodesocket
2129 days ago
|
|
|
> The notion that you need an 'ingress' pod AND an external load-balancer, just to be able to respond to internet traffic - and not even all internet traffic (only HTTPS) - is truly staggering. If you are on a cloud provider, the load balancer abstraction is handled for you by AWS load balancer or Google Compute load balancer so really a non-factor. I own and run a DevOps consulting company[1], and clients of course want to deploy their software on-prem which becomes significantly harder and more time consuming. Personally, I use MetalLB[2] by the folks at Google which creates a LoadBalancer abstraction and then use Traefik[3] in front of all deployments (containers). Traefik handles creating the SSL certificates using Let's Encrypt either via http or DNS challenge. The benefit here is only a single LoadBalancer is created pointing to Traefik, and then Traefik terminates https and routes to all the deployments (containers). [1] https://elasticbyte.net
[2] https://metallb.universe.tf/
[3] https://containo.us/traefik/ |
|
|
As long as money is a non-factor, sure. If the idea is "just pay the cloudy tax" then I'd rather be on something like Heroku that actually makes my life easier, not harder.