diff options
| author | Paul Buetow <paul@buetow.org> | 2026-02-05 17:31:24 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2026-02-05 17:31:24 +0200 |
| commit | 8831e5201b512b623e980a0367db5f848f4af2da (patch) | |
| tree | 49f7391a72fb918d97696e69d156f158f430ca7a | |
| parent | 87196de6fdbadd046d550706911332df4b9f61b7 (diff) | |
Revert Part 8 to original state without LAN ingress content
Removed the LAN ingress update notice from Part 8 entirely, as the LAN
ingress content has been moved to Part 7 where ingresses were originally
introduced.
| -rw-r--r-- | gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl | 16 |
1 files changed, 0 insertions, 16 deletions
diff --git a/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl b/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl index 56e3323b..008c512e 100644 --- a/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl +++ b/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl @@ -45,22 +45,6 @@ $ cd f3s/prometheus/ The deployment concepts and architecture remain the same—only the deployment method changed from imperative (`helm install/upgrade`) to declarative (GitOps with ArgoCD). -## Update: LAN Ingress Support (February 2026) - -**Update (2026-02-05):** This blog post series has been updated to include a new section on exposing services via LAN ingress. The implementation details have been added to Part 7 (where ingresses were originally introduced). The LAN ingress section documents how to: - -* Expose services on the local network using LAN-specific ingresses (`*.f3s.lan.foo.zone`) -* Leverage the existing FreeBSD CARP failover infrastructure for high availability -* Configure FreeBSD `relayd` for TCP forwarding (Layer 4) instead of TLS termination -* Use cert-manager with self-signed certificates for LAN TLS offloading via Traefik -* Achieve zero-downtime CARP failover (tested and validated) - -This enhancement complements the existing external access method without requiring MetalLB or other LoadBalancer implementations. The f3s infrastructure now has three distinct TLS offloaders: OpenBSD relayd for external traffic, Traefik (k3s) for LAN HTTPS, and stunnel for NFS-over-TLS. - -For the full implementation details, see: - -=> ./2025-10-02-f3s-kubernetes-with-freebsd-part-7.gmi f3s: Kubernetes with FreeBSD - Part 7: k3s and first pod deployments - ## Persistent storage recap All observability components need persistent storage so that metrics and logs survive pod restarts. As covered in Part 6 of this series, the cluster uses NFS-backed persistent volumes: |