Internal, cluster-local services should be configured as regular ClusterIP services.
Services are exposed to the Internet by deploying a service of type LoadBalancer with an annotation that allocates a public IP for the service.
Public IP pools depend on the region where you've requested your workloads to run, and are selected with the following address pool labels:

| Region | Address Pool Label |
| ------ | ------------------ |
| ORD1   | public-ord1        |
| EWR1   | public-ewr1        |

sshd-public-service.yaml

```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    metallb.universe.tf/address-pool: public-ord1
    metallb.universe.tf/allow-shared-ip: default
  name: sshd
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local
  ports:
    - name: sshd
      port: 22
      protocol: TCP
      targetPort: sshd
  selector:
    app.kubernetes.io/name: sshd
```

For most public services, ensure that `externalTrafficPolicy: Local` is set on the service. This load balances ingress traffic from the Internet directly to the nodes running the application.
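
To review which services in a namespace are actually Internet-facing and whether they follow the `externalTrafficPolicy: Local` guidance, the following added example (not part of the original documentation) audits the JSON produced by `kubectl get services -A -o json`. The sample input is constructed, and treating any pool label starting with `public-` as Internet-facing is an assumption drawn from the two labels in the table above.

```python
import json

# Constructed sample shaped like `kubectl get services -A -o json` output.
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"namespace": "tenant-a", "name": "sshd",
   "annotations": {"metallb.universe.tf/address-pool": "public-ord1"}},
  "spec": {"type": "LoadBalancer", "externalTrafficPolicy": "Local",
           "ports": [{"port": 22, "protocol": "TCP"}]}},
 {"metadata": {"namespace": "tenant-a", "name": "web",
   "annotations": {"metallb.universe.tf/address-pool": "public-ewr1"}},
  "spec": {"type": "LoadBalancer",
           "ports": [{"port": 443, "protocol": "TCP"}]}},
 {"metadata": {"namespace": "tenant-a", "name": "db"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 5432, "protocol": "TCP"}]}}
]}
""")

POOL_ANNOTATION = "metallb.universe.tf/address-pool"
PUBLIC_PREFIX = "public-"  # assumption: public pools are named public-<region>


def audit_public_services(service_list):
    """Return one record per Service that requests a public address pool."""
    findings = []
    for svc in service_list.get("items", []):
        meta, spec = svc.get("metadata", {}), svc.get("spec", {})
        pool = (meta.get("annotations") or {}).get(POOL_ANNOTATION, "")
        if spec.get("type") != "LoadBalancer" or not pool.startswith(PUBLIC_PREFIX):
            continue  # ClusterIP and non-public services are skipped
        # Kubernetes defaults externalTrafficPolicy to Cluster when it is unset.
        policy = spec.get("externalTrafficPolicy", "Cluster")
        findings.append({
            "service": f"{meta.get('namespace')}/{meta.get('name')}",
            "pool": pool,
            "ports": [f"{p['port']}/{p.get('protocol', 'TCP')}"
                      for p in spec.get("ports", [])],
            "policy_ok": policy == "Local",
        })
    return findings


if __name__ == "__main__":
    for f in audit_public_services(SAMPLE):
        status = "ok" if f["policy_ok"] else "externalTrafficPolicy is not Local"
        print(f"{f['service']} pool={f['pool']} ports={','.join(f['ports'])}: {status}")
```

The resulting list doubles as an inventory of publicly reachable ports, which is worth comparing against what is intended to be exposed.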