SOLVED webnut (truecharts) - ingress

[ragametal]

I'm new to truenas scale and kubernetes so bear with me.
I want to install Webnut from the truecharts catalog. I set the following variables to match my UP setup in truenas:
UPS User
UPS Password
UPS Host
UPS Port

The app seems to deploy fine but when i want to open it in a web browser the connection times out and nothing loads.

After some research i found the truechart's installation notes for this app where they indicate

This would explain why it does not load. Do any of you know how to set up "Ingress" in this app to make it work?
My understanding is that this is a way of using traefik as a reverse proxy for this application but i would like to avoid doing this if possible as i already use a different reverse proxy for all my other apps (HAProxy in PFSense). Having to pay attention to 2 reverse proxies would be less than ideal for me.

Any help on this would be greatly appreciated.

 

[LarsR]

I have webnut running without ingress and can access the web gui just fine.
I'm at work right now but can look at my settings when i'm back home.

 

[ragametal]

I have webnut running without ingress and can access the web gui just fine.
I'm at work right now but can look at my settings when i'm back home.

that would be fantastic. Thanks.

 

[LarsR]

ok i only filled out the fields for:
UPS User
UPS Password
UPS Host
UPS Port

and for networking and services:

Service Type : Loadbalancer (expoese Ports) (should be the default value)
and Port is 10585 (should be the default value)

Ingress is not enabled and i can reach the webui with myip:10585
the rest is set to the default values.

Edit

 

[ragametal]

@LarsR thanks for the input but my settings are just like yours but for some reason it is not working for me.
The following are my settings:

One thing that may be different in my environment than yours is that i set NUT as slave in truenas. The UPS is connected and monitored by my PFSense firewall which is set as the NUT server. The firewall has an IP of 10.0.0.1 which is the IP indicated as the "UPS Host", while my truenas host has an internal IP of 10.0.0.151.

With these settings the App deploys without error but when accessing the web interface at http://10.0.0.151:10585 the connection time out and i get a error from my browser

Do you happen to have any other pointers of things i could to try?

 

[ragametal]

Ok, I deleted the app and reinstalled it.
Now it is magically working, no ingress necessary.

Why is it working now and not before is beyond me. Thanks for the help @LarsR

 

[gdreade]

I've not played with TrueNAS Scale yet, so I won't try to answer specific questions about the charts, however some background on Kubernetes may help. And as a note to others familiar with it, I'm leaving out some edge cases that are likely to break things in multi-node clusters; if you know enough to deal with them, you know when it is appropriate to use other approaches:

In Kubernetes (herein, "k8s"), you have two main networks/IP pools that you care about:

1. The external pool one that is seen to be used by the k8s cluster when connecting from outside the cluster; it may be as small as one IP (I don't know what Scale uses, here)
2. The internal one that is used when deploying containers (here, "apps") inside the cluster. This pool is typically pretty large, and is all reserved address space.

In order for something outside the k8s cluster (such as your web browser sitting on your LAN) to be able to reach the running container, you typically use ONE of the following two mechanisms (which also make use of a k8s "Service" internally, which I won't bother to explain here; see the k8s docs and be prepared to drink from the fire hose):

1. LoadBalancer: You can think of these as generalized reverse proxies. They can handle arbitrary protocols, but are relatively heavy; you need one for each application that you want to expose, and each LoadBalancer uses up at least one IP/port combination from the external pool.
2. IngressController: This is a specialization of a reverse proxy that is intended only for HTTP/HTTPS traffic. An IngressController will also use at least one IP/port combination from the external pool (typically two; one for HTTP/80 and one for HTTPS/443). The advantage of using an IngressController is that it can provide access for many services; you often have only one IngressController per cluster. Where you see references to "Ingress" in the documentation, it is not talking about a piece of software. The Ingress is really just a piece of configuration that is part of how you deploy a particular application. However, your IngresController (which IS a piece of running software) will look at the Ingress config for that application and reconfigure itself so that it can expose your application in the desired way (as well as remove access when you undeploy your application).

If you are deploying web applications, you generally want to be using the IngressController and not a LoadBalancer. I suspect that TrueNAS Scale already has the IngressController in place, so all you need to be concerned with is telling it how to behave via your Ingress config.

You may very well have another reverse proxy sitting on your LAN (perhaps to expose your application to the Internet?), but that is not a reason to avoid an IngressController or LoadBalancer; they serve different roles and in particular your LAN reverse proxy does not have enough information or access to expose in-cluster containers directly. In fact, chaining reverse proxies (where each proxy is responsible for a different network boundary) is the normal way that things would be deployed. A properly written web application will not care how many proxies are between it and the client (browser) and the overhead is negligable.

 

[ragametal]

Thanks for the explanation @gdreade .To be honest, most of that went above my head. Lots to learn on my end still.