expose to external using TCP ingress

[gioppoluca]

I'm using traefik as ingress controller.

Is it possible to ask the operator to create the service that exposes the share only as a cluster IP so that it will be possible to use the ingresstcp resource to expose the service through the ingress controller?

[phlogistonjohn]

In the SmbCommonConfig we support a network option 'publish' that helps control what kinds of services get created: https://github.com/samba-in-kubernetes/samba-operator/blob/master/docs/design/crd-proposal-phase1.md#smbcommonconfig

However, without checking the code I also thought we created Services with cluster IP access by default. Let me know if you think this is wrong, or if you think I'm not understanding your question. I'm happy to discuss this further.

[gioppoluca]

If I am correct if I define network as external the operator create a load balancer but I need only to get an ingrestcp. So the proposal is to have an option not to create the load balancer or to specify the type of the service and maybe the a template of resource to create

[phlogistonjohn]

If I am correct if I define network as external the operator create a load balancer

Yes, that's correct

but I need only to get an ingrestcp. So the proposal is to have an option not to create the load balancer

You can still have the operator create the Service w/o load balancer. Have you tried it? If so, how does that service fail to work with traefik/ingress tcp? I ask to better learn what others are doing. Also maybe there's a bug and I just haven't hit it yet.

or to specify the type of the service and maybe the a template of resource to create

We certainly think that we need to do more templating for pods, so it wouldn't be much of a stretch to do more templating for services too. It's a good idea, thanks!

[gioppoluca]

How can i have the operator create the service without loadbalancer? I did not found the option

[spuiuk]

I created two smbshares.

1. smbshare2 - non clustered smbshare
2. smbshare3 - clustered smbshare.

I see the following services on my kubernetes cluster
$ kubectl get service -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kubernetes ClusterIP 10.96.0.1 443/TCP 7d22h
smbshare2 ClusterIP 10.101.44.191 445/TCP 110s samba-operator.samba.org/service=smbshare2
smbshare3 ClusterIP 10.107.216.139 445/TCP 3m8s samba-operator.samba.org/service=smbshare3

for both smbshare2 and smbshare3 service, the type is set to ClusterIP.

[thiscantbeserious]

The OP is misunderstanding the very simple fact that you can just deploy an IngressRoute for any ClusterIP Services like that with Traefik:

---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: portainer-dashboard
  namespace: portainer
spec:
  entryPoints:
    - web
    - websecure
  routes:
    - match: Host(`portainer.mydomain.com`) # Hostname to match
      kind: Rule
      services: # Service to redirect requests to
        - name: portainer
          port: 9000
          kind: Service
          namespace: portainer
      middlewares:
        - name: sso
          namespace: traefik-system
  tls:
    secretName: my-cert