Are you self-hosting lots of services at home in your homelab? Have you been port forwarding or using a VPN to access your self-hosted services, wishing you had certificates so that you could access them securely over SSL? Well, after this video, you can! In this step-by-step tutorial we’ll walk through setting up Rancher and Kubernetes with a reverse proxy, Kubernetes Ingress, MetalLB, Traefik, Let’s Encrypt, and DNS, giving you free certificates.

00:00 Intro
00:23 Why
00:40 What we will do today
01:23 Prerequisites
03:12 Get kube config for kubectl
03:51 Install MetalLB
04:40 Configure MetalLB
05:31 Install Traefik
06:03 Configure Traefik
07:59 DNS Secrets
08:52 Set up persistent volume claim
09:24 Start Traefik
09:47 Traefik Dashboard
10:15 Switch port forwarding
10:43 Deploy your workload or website
11:25 Create a Load Balancer or Kubernetes Ingress
12:31 Traefik Routing
12:52 We have an Acme Let’s Encrypt Staging Certificate!
13:44 Get a Let’s Encrypt Production Certificate
15:07 We have an Acme Let’s Encrypt Production Certificate!
15:54 What do you think about the reverse proxy tutorial?
16:20 Stream highlight – What will your next video be??????

47 thoughts on "Hosting at Home – Self-Hosting Your Homelab Services with SSL — Let's Encrypt, MetalLB, Traefik, Rancher, Kubernetes"

  1. My Traefik-dashboard is active, but it is not displayed in the Endpoints section. I am unable to reach Traefik-dashboard. I installed Traefik again and verified each step against the video.

  2. Wow great video! You inspire me to make and self-host my own services. Anyway, it would be nice if you make videos about self-hosting service using cloudflare argo tunnel. Since it is an interesting self hosting solution to people that only have shared private IP from their ISP (behind CGNAT). Thank you!

  3. I'm running my containers within my router in a Debian VM… Being somewhat limited (just an ARM64 system, no cluster, very much like a Raspberry Pi 4 performance wise) I can set up Traefik for sure, but do you think I need a load balancer on top of it? I run them without Rancher/Kubernetes and I'm wondering if a load balancer is useful in this context… But in the meantime I'd like to make it as secure and reliable as I can!

    Thanks for those awesome tutorials, you make it all easy^^

  4. Thank you for the guide, it was really helpful.
    I have a question and some notes though, I'd like to add and it might even help some ppl trying to do this:

    – There's already a Traefik installed in system/kube-system namespace, which is installed by rancher. Why couldn't this be used to do the same thing?

    – RBAC needs to be configured! Either disable it, or configure it for Traefik.
    – Cloudflare API key has to be the "Global API Key", the client can't handle the other types.
    – When enabling Traefik: Add the volume and secrets before, sometimes my volumes would never be grabbed (could have been some other errors tho)
    – REALLY backup the cluster, I had to re-do my cluster 4 times to finally be able to have some results

  5. Tin u R the best! This guide actually helped me to publish my kube deployments – i looked at about 500 guides and examples and scenarios and never have I ever made it to work – now i simply add workload to my kubernetes and can access it like a pro! using loadbalancer and it is secured with certificates. You sir, are rocking my life! BRAVO! and thanks!!!

  6. Erg volume claim didn't work so… I deleted the Traefik app, can't login to Rancher LB :-(. Looking for a manual option to install Traefik this option. Time to kuddle up with my kube

  7. Could you update this tutorial ?
    I cannot reproduce your results on the same kind of setup at all.
    I think this is because Rancher has been updated. Also the notes are not in the description.

  8. This is a fantastic video that connects a lot of complex topics! I'm surprised your ISP doesn't block port 80 and 443. Do you have a commercial internet connection? I was thinking about getting around this by running a proxy in a small cloud instance that proxies back to my home network over some high port that isn't blocked and is then port forwarded to MetalLB

  9. Very helpful, but here is one doubt related to 4:48 : we're configuring a pool of IP addresses in MetalLB so it's free to choose any of them. Later in the video you say that in the home router we need to set port forwarding towards this IP address. This one I don't fully understand – on one hand we have a "dynamically" allocated IP in MetalLB and at the same time – a fixed IP in router configuration. Could you please clarify? Thanks!

  10. nice video.. wondering if u can do a video to get harbor (another app inside Rancher) to be configured with the Traefik solution.. i followed the video but am trying to deploy Harbor as my application, but am constantly getting "error from tls" from the Traefik logs which i am not sure what went wrong.

  11. my hat is off to you — this is a simple tutorial for a complex project. — i was able to follow your instructions and had it working the first time. — (it helps that i've setup traefik on docker previously, but still — props!)

  12. I can relate to each and every one of your videos..done all of these and your stack overlaps with mine so much. We have 100 supermicro computers with GPU running rancher..well done, please keep up the amazing work.

  13. Just a tip for anyone trying to do this in their own rancher cluster, you don't HAVE to install metalLB to use traefik and let's encrypt. If you don't want to install a load balancer, skip that part of the video and go to install traefik, when installing traefik instead of choosing L4 loadbalancer choose node or hostport, then port forward traffic from port 80 and 443 to the node or hostport on those same ports and it should work just fine. Hope it helps someone 😛

  14. Solid Video. Wonder if there is any way to incorporate Nginx w/ LetsEncrypt including Cert Bot to set up your load balancing correctly. The GUI of this makes this nice though. I would love to see a video on creating Custom Docker Image as well! Containerization is a must these days. Thanks for the awesome work & please do not stop. xD. Learning a bunch.

  15. Traefik is stuck at "installing" and I do not know how to map ports internally to metallb. I have looked everywhere and don't understand that process. Any help would be appreciated.

  16. Superb tutorial! Just a useless fact. The traefik version (1.7.14) is named "Maroilles" which is a cheese from northern France that is one of the stinkiest cheeses ever made. It smells very close to rotten feet. People in northern France love this cheese: they do pies with it and they even eat it with their morning coffee mixed with chicory, a very bitter root…

  17. Great videos man, keep it up. I'm new to all of this, just followed your Nextcloud video and now trying to secure it. I have a question: at 7:53 you say that you have a DNS record internally pointing at your Rancher cluster. Can you briefly explain how that's done or point me in the right direction? I'm not familiar with Kubernetes, or Rancher. Thanks.

  18. I ran into this issue so for anyone who has issues with metallb assigning an endpoint check your .kube/config file. Make sure the namespace is the one you are installing traefik to. If it is wrong just update it with the kubeconfig from the right cluster. I could have sworn I chose the right cluster but no. Also if you are having issues remove the default cluster ingress controller under settings advanced and ingress. Also, the dnsProvider when you edit the yaml has been deprecated; it is now dnsChallenge.provider.

  19. Do I need to install kubernetes on my linux server or my windows machine? Also, ~/.kube/config doesn't exist for me in both cases. When I type kubectl it doesn't show any errors, so it is installed.

  20. Hey Techno Tim. Where can I find the Metallb ip address? We are supposed to forward 80,443 to the Metallb address correct? Traefik is stuck on "deploying" and I have a feeling it's because the ports aren't forwarded right. Thanks.

  21. Found your channel a few weeks ago and it helped me a lot configuring my home lab with Proxmox and a Debian VM running all docker containers. I really like your easy way of explaining, I can tell you make an effort in your videos, it is highly appreciated. Thanks.

    As you use Rancher I guess it is not in your plan to show how to set up Traefik + SSL with Portainer 2.0. I just can’t get it to work, and there are no guides out there for it.

