How to use different VLANs for different apps?

[AMiGAmann]

Hi there,

my TrueNAS SCALE machine is up and running in VLAN 10. I would now like to deploy multiple apps in VLANs 30 and 40.

This is what I did: I created interfaces vlan10, vlan30, vlan40 with corresponding VLAN tag and bridges br10, br30, br40 with corresponding vlan as bridge member.

I deployed an app (OpenHAB from TrueCharts catalog). By default it is running on custom ports of the TrueNAS Scale ip address in VLAN 10. I checked "Show Expert Config" in "Networking and Services"-part of the app and configured it as followed:




I would like the app to listen on 192.168.30.28:10169/10170, but it does not. The app is deployed and still running on TrueNAS SCALE ip address.

I know I can change the VLAN for all apps in advanced Kubernetes settings, but I hoped it should also work per app.

The TrueCharts documentation just states "Checking the Show Export Config box enables one to change many expert or advanced options not described here.", which is not that helpful at all.

Can anybody point me to what I am doing wrong?

Best regards,
AMiGAmann

 

[o1982]

*bump*

I would also like to know how other people are handling this - surely it can not be just 2 people that want this.

 

[LeBronse]

I’m interested in getting this to work too. Over the next few days I’ll be doing a deep dive into it and I’ll share what I find out and if I can get it to work.

 

[Louis2]

Yep, for me Apps without VLAN support and IPV6 support are a ^NO GO^. I am new in regard to TrueNas apps, but as far as I can see in the GUI neither settings for vlan, ipv4, ipv6 are present. Just ports which will not do the job for me.

The only thing I noticed is that Kubernetes advances settings offer the option to set a entry IP and vlan for ALL apps. Better than nothing, but not good enough.

I also had a look at Traefik (available under truecharts enterprise. First impression is that it behaves as an advanced SNI-proxy, but again only IPV4.

My actual impression, as being new to apps, is that it is too limited for me.

Good thing is that TrueNas also offer the option to start a VM. That option seem to full fill my requirements, but of course you have to configure / setup more thinks by yourself.

 

[o1982]

People seem to suggest disabling the built in loadbalancer and download the Metallb app from the TrueCharts enterprise repo - I tried this and can add additional interfaces but it the app still uses the first internal kubernetes interface by default - so restricting the app to use the VPN on a different network doesn't work. I am sure it's possible to change the default gateway or interface priority for kubernetes apps, but I can't find a way to do it. So as it stands, scale is not a viable solution for me right now.

To test an App's Public IP I used this command in the container's shell:

Code:

wget http://ipecho.net/plain -O - -q ; echo

Not sure if this helps someone...
https://stackoverflow.com/questions/64159726/change-kubernetes-network-route-to-internet
EDIT: I think the above is changing all Apps not specific ones, which I believe can be done already in Scale in the Advanced Settings.

 

[omid_1985]

Per-app network segregation and app backup are why I'm sticking to Core for now.