When I first set up Kubernetes, I installed MetalLB right away to handle load balancing. Since I’m running a bare-metal cluster, I needed something that could assign external IPs without relying on a cloud provider, and MetalLB fit that role perfectly.
For my ingress controller, K3S came with Traefik. I decided to use it as it has strong community support, flexibility, and straightforward configuration. It’s been reliable so far and integrates nicely with the rest of my setup.
All traffic is currently routed through Cloudflare, giving me an added layer of security, DDoS protection, and caching. I’m also looking into Cloudflared as part of the stack. I haven’t decided yet if I’ll run it alongside Traefik or eventually replace Traefik and run Cloudflared in standalone mode. That’s something I’ll revisit as I continue to refine things.
At this stage, I’m still experimenting with the rest of the software stack and figuring out what tools and configurations work best for my needs. But this current foundation—MetalLB, Traefik, and Cloudflare—has been solid and easy to work with so far.
Next up, Cert-manager.