Skip to content

Commit

Permalink
nginx ing
Browse files Browse the repository at this point in the history
  • Loading branch information
s50600822 committed Mar 13, 2024
1 parent 9936893 commit a612e20
Show file tree
Hide file tree
Showing 3 changed files with 164 additions and 0 deletions.
87 changes: 87 additions & 0 deletions tut/k8s/ing/nginx/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
Check suitable version
```bash
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm search repo ingress-nginx --versions
```


Install
```bash
CHART_VERSION="4.10.0"
APP_VERSION="1.10.0"

helm template ingress-nginx ingress-nginx \
--repo https://kubernetes.github.io/ingress-nginx \
--version ${CHART_VERSION} \
--namespace ingress-nginx \
> ./nginx-ingress.${APP_VERSION}.yaml

kubectl apply -f ./nginx-ingress.${APP_VERSION}.yaml

kubectl -n ingress-nginx get pods

```


Should now see
```bash
kubectl -n ingress-nginx get pods

NAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create-47sz6 0/1 Completed 0 44s
ingress-nginx-admission-patch-5862j 0/1 Completed 1 44s
ingress-nginx-controller-55474d95c5-6w42r 0/1 ContainerCreating 0 44s
```


deploy services

```bash
k apply -f ing-svc-a.yaml

# quick check by portforwarding
kubectl port-forward svc/service-a 8080:80

Forwarding from 127.0.0.1:8080 -> 80
Forwarding from [::1]:8080 -> 80
Handling connection for 8080
```



update `/etc/hosts` to point to local - required sudo
```bash
127.0.0.1 kubernetes.docker.internal
127.0.0.1 public.service-a.com
127.0.0.1 public.service-b.com
```

test the ingress
```bash
curl -ik https://public.service-a.com/path-a.html

HTTP/2 200
date: Wed, 13 Mar 2024 17:28:46 GMT
content-type: text/html
content-length: 28
last-modified: Wed, 13 Mar 2024 15:00:04 GMT
etag: "65f1bf74-1c"
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains

"/path-a.html" on service-a
```


Tailing ingress logs
```bash
k logs -f -n ingress-nginx ingress-nginx-controller-55474d95c5-6w42r

192.168.65.3 - - [13/Mar/2024:15:14:16 +0000] "GET /path-a.html HTTP/2.0" 200 28 "-" "curl/8.4.0" 44 0.001 [default-service-a-80] [] 10.1.0.62:80 28 0.001 200 099a66ec2835412b7cbfebdf37282d4b
```


- deploy more service
- route by domain
- SSL termination
- extra configs - via ConfigMap - https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap
17 changes: 17 additions & 0 deletions tut/k8s/ing/nginx/ing-svc-a.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: service-a
spec:
ingressClassName: nginx
rules:
- host: public.service-a.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: service-a
port:
number: 80
60 changes: 60 additions & 0 deletions tut/k8s/ing/nginx/ingress-nginx-controller-cfgmap.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
apiVersion: v1
items:
- apiVersion: v1
data:
allow-snippet-annotations: "false"
kind: ConfigMap
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","data":{"allow-snippet-annotations":"false"},"kind":"ConfigMap","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/managed-by":"Helm","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.10.0","helm.sh/chart":"ingress-nginx-4.10.0"},"name":"ingress-nginx-controller","namespace":"ingress-nginx"}}
creationTimestamp: "2024-03-13T14:44:33Z"
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.10.0
helm.sh/chart: ingress-nginx-4.10.0
name: ingress-nginx-controller
namespace: ingress-nginx
resourceVersion: "143334"
uid: f9cc1b58-8e25-4f57-8fc5-6b189b9e2f0e
- apiVersion: v1
data:
ca.crt: |
-----BEGIN CERTIFICATE-----
MIIDBTCCAe2gAwIBAgIIe5ElpERcitIwDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE
AxMKa3ViZXJuZXRlczAeFw0yNDAyMDcyMTA5NDRaFw0zNDAyMDQyMTE0NDRaMBUx
EzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCxeC3lFm5pGuejuf4qbNA97wGGYUhiJTCcK/gD1V0Vcala6A3pefa0CqQH
4bx4bHbwnhCvDDlXBsorPCLyqU6aUSCDR4HiQEari2hfBQOgNSn/fMLt3JORaVKq
Ef1LVt/vgWPGL0uUQ4NfQMZNbMCQPnExJuDDd1ffJXnJ7JkrfH46wTBVb6npwxBT
oK6VeiI30zLjyHGrW7epO49NUQeGueaDm8J6vRol8SYfoxIP7mLKoGj+txKC78l1
+Y1pJ+LGykpeq8jeyCNj1Y6GIe9npY+J3dR2aOdyws2gzYm/WdZbuhXinfDJTzt8
Wi3xOyF47iiJtLjWW3XVkC2PumoLAgMBAAGjWTBXMA4GA1UdDwEB/wQEAwICpDAP
BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQ5XHN0JzB0G9RI/9rSq4FvOX8GoTAV
BgNVHREEDjAMggprdWJlcm5ldGVzMA0GCSqGSIb3DQEBCwUAA4IBAQAJq7EqVbN6
ItTITvZDo+7WvFjtPAdZ0j0snKtwoVwYCd5ks3fsh2+5L+6GLRLOOPhIzD6F7/18
RTrY+qrSZiGk2PUVdfBECcAYHV+lvkq6OpLVZsrfPBD2wIPYGp2baeLLeIPXaLYe
BZ/+M7r94+XRTonpeJkMJyedUlHrfOtReokI7OgVkDEEHnbDUSu01zFagRG7Tcyc
VvYKrk9PTi/vD+QIPLpX3RnZ5OxvSkQ8u/PXgjfjvCxd4Vvh5UqeQLHPDQST/qyA
MQMo0pI+oQATtIP4KAAsv7Ub15hVFhcjnlyQs3zMchuqgLEOq3K/pkieIP5JINTr
xt1PafI3UBuB
-----END CERTIFICATE-----
kind: ConfigMap
metadata:
annotations:
kubernetes.io/description: Contains a CA bundle that can be used to verify the
kube-apiserver when using internal endpoints such as the internal service
IP or kubernetes.default.svc. No other usage is guaranteed across distributions
of Kubernetes clusters.
creationTimestamp: "2024-03-13T14:44:28Z"
name: kube-root-ca.crt
namespace: ingress-nginx
resourceVersion: "143327"
uid: 6eca69a8-3266-4486-a8c2-d30e100c0642
kind: List
metadata:
resourceVersion: ""

0 comments on commit a612e20

Please sign in to comment.