Introducing: Kube-door

I would like to introduce Kube-Door, a small side project that I have been working for a little while. Kube-door is a is a simple reserve proxy for Kubernetes services using HAProxy. It simply watches for services annotates with kube-door/ports and then generate appropriate HAproxy configuration. The idea is similar to Marathon-lb from Mesos.

The motivation for me to do this project is kube-door is relatively easier to setup than using a dedicated Ingress controller. If your kuberentes cluster has cloud configuration, then it’s best to just use LoadBalancer service type. In my case, the cluster is not configured with the cloud so we usually set up the LoadBalancer manually, which takes a lof of work.

How to use Kube-Door

First, you will need to build the docker image, I will soon publish the pre-built image somewhere, but you will need to build it yourself for now.

Then run the docker image with net host mode. Additionally, you can mount the kubeconfig and relevant certs to kube-door so it can talk to Kubernetes.

Now you will need to annotate your services with kube-door/ports annotation to expose your service. For example, below is a command to expose port 80 from your_service.

After a few seconds, you will be able to the service via port 80 of the instance where kube-door runs. You can also expose multiple-hosts and proxy by domain. See the repository README for more detail.

In the future, Kube-door will support TCP proxy and maybe also TSL/SSL proxy using kubernetes TLS secret. But for now, it is one quick way to expose your kubernetes service for external access 😀


Leave a Reply

Your email address will not be published. Required fields are marked *