Using Traefik As Your Ingress Controller Combined With MetalLB On Your Bare Metal Kubernetes Cluster – Part 2

1 Star2 Stars3 Stars4 Stars5 Stars (5 votes, average: 4.00 out of 5)

Using Traefik As Your Ingress Controller Behind MetalLB On Your Bare Metal Kubernetes Cluster – Part 2

This is Part 2 – Using Traefik As Your Ingress Controller Behind MetalLB On Your Bare Metal Kubernetes Cluster.

In Part 1 you can see how to install / configure MetalLBon your Kubernetes Cluster, in Part 2 I am going to show you how to install and configure Traefik combined working together with MetalLB as your Kubernetes internal / ingress controller.

Installing Traefik with helm

Traefik can also be installed by using helm similar to shown in part 1 – installing MetalLB.

Before using Helm to install, we need to generate a password, this password will be used to login to the Traefik Web-UI.

To generate a password (note SHA1 didn’t work for me i.e. -nbs), run the below (md5 hash)

Next, we are going to install traefik with helm, you do so by running the below.

Alturntivley it can be installed with values.yaml file

Next, To be able to access the Traefik dashboard outside of the cluster, change ClusterIP to LoadBalancer.

Note: Note use the IP Address assigned in the EXTERNAL-IP column to access your traefik dashboard.

Installing Traefik manually

First, lets create the traffic controller and set as ingress controller

Note: The type: LoadBalancer above this will cause the Traefik dashboard to automatically obtain an EXTERNAL-IP.

Next, apply / install traefik to your cluster, by running the below.

You shuld now have a working Traefik configuration.

Traefik, MetalLB in action – Nginx deployment

Now that we have a working MetalLB and Traefik ingress controller, lets create an ingress Nginx Micro Service, to see all of this in action.

Create the below Nginx deployment.

Deploy the Nginx deployment to your cluster by running the below.

The Nginx deployment above will now have a CLUSTER-IP visible in Trafic, as well as automatically obtain an EXTERNAL-IP by MetalLB.

You can test the configuration by running a curl to the external IP out side of the cluster. the results will automatically load balance between your Nginx instances.

Optional create obtain an external external/public-ip for the traefik-dashboard, by running the below.

First, create the deployment traefik-dashboard.yaml file.

Now, deploy the dashboard ingress rule.

You should now be able to access the Traefik dashboard by an external/public-ip.

SSL termination / Lets Encrypt

I hope to update below in the next few days on how to configure SSL termination with (or without) Lets Encrypt.

I hope you enjoyed reading How to configure MetalLB And Traefik Load Balancing For Your Bare Metal Kubernetes Cluster, give it a thumbs up by rating the article or by just providing feedback.

You might also like – realted to Docker Kubernetes / micro-services.

Leave a Reply

2 Comment threads
2 Thread replies
Most reacted comment
Hottest comment thread
3 Comment authors
Eli KleinmanLudovicMike Puglisi Recent comment authors
newest oldest most voted
Notify of
Mike Puglisi
Mike Puglisi

Great write up. I’m tasked with setting up a production kubernetes cluster and will be using your guide for the portion I’m currently stuck on (metallb combined with ingress). Two questions: 1) Ive been trying to incorporate ingress-nginx with metallb. Is there a reason you chose traefic (which seems less popular). 2) Is your LetsEncrypt follow up coming soon? We currently have our www sub domain hosted on godaddy serving our production site (without ssl) I’m wondering if I can route sub domains (such as stage, dev) to the new on premise cluster and still obtain a wildcard certificate using… Read more »


Hi Eli, thanks for your article. Just one thing I noticed: when you use the ingress traefik ressource with MetalLB, you can keep clusterIP service type on your app service. The LoadBalancer type is now applied on the ingress Traefik service which use your ingress rules to direct traffic to your app.