devopstalesCilium deprecated external workload? Deploy HAProxy Ingress in DMZ w/ BGP+BIRD. Pod CIDR export, firewalld hardening, AlmaLinux-ready. Secure & tested! 👇
https://devopstales.github.io/kubernetes/k8s-dmz-bgp-external-haproxy/
Kubernetes DMZ Ingress with HAProxy and BGP: External Mode Without Cilium External Workload
Learn how to deploy HAProxy Ingress Controller on AlmaLinux in a DMZ network outside your Kubernetes cluster—without Cilium’s deprecated external workload mode. This guide covers BGP peering with BIRD, Cilium’s Pod CIDR export, firewalld configuration, and production-ready setup for secure ingress traffic isolation.