I am searching for a possibility to have mirrored pods of an nginx loadbalancer deployment in Kubernetes that all share the same Kubernetes service with one single external IP. I tried the scenario with this StatefulSet config:
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: loadbalancer
  labels:
    run: loadbalancer
spec:
  serviceName: "loadbalancer"
  selector:
    matchLabels:
      run: loadbalancer
  replicas: 4
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        run: loadbalancer
    spec:
      containers:
      - name: loadbalancer
        image: /services/infrastructure/loadbalancer:latest
        ports:
        - containerPort: 80
          protocol: TCP
        - containerPort: 443
          protocol: TCP
        volumeMounts:
        - name: certs
          mountPath: /etc/letsencrypt
  volumeClaimTemplates:
  - metadata:
      name: certs
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 100M
And this service config:
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    run: loadbalancer
  name: loadbalancer
  selfLink: /api/v1/namespaces/test/services/loadbalancer
spec:
  clusterIP: 10.31.249.3
  externalTrafficPolicy: Cluster
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: 80
  - name: https
    port: 443
    protocol: TCP
    targetPort: 443
  selector:
    run: loadbalancer
  sessionAffinity: None
  type: LoadBalancer
All 4 pods are able to successfully request the required Let's Encrypt SSL certs in parallel.
The problem is that the connection via the single service from outside the cluster via the external IPv4 address resets randomly.
How can this be prevented?