-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
164 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
Check suitable version | ||
```bash | ||
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx | ||
helm search repo ingress-nginx --versions | ||
``` | ||
|
||
|
||
Install | ||
```bash | ||
CHART_VERSION="4.10.0" | ||
APP_VERSION="1.10.0" | ||
|
||
helm template ingress-nginx ingress-nginx \ | ||
--repo https://kubernetes.github.io/ingress-nginx \ | ||
--version ${CHART_VERSION} \ | ||
--namespace ingress-nginx \ | ||
> ./nginx-ingress.${APP_VERSION}.yaml | ||
|
||
kubectl apply -f ./nginx-ingress.${APP_VERSION}.yaml | ||
|
||
kubectl -n ingress-nginx get pods | ||
|
||
``` | ||
|
||
|
||
Should now see | ||
```bash | ||
kubectl -n ingress-nginx get pods | ||
|
||
NAME READY STATUS RESTARTS AGE | ||
ingress-nginx-admission-create-47sz6 0/1 Completed 0 44s | ||
ingress-nginx-admission-patch-5862j 0/1 Completed 1 44s | ||
ingress-nginx-controller-55474d95c5-6w42r 0/1 ContainerCreating 0 44s | ||
``` | ||
|
||
|
||
deploy services | ||
|
||
```bash | ||
k apply -f ing-svc-a.yaml | ||
|
||
# quick check by portforwarding | ||
kubectl port-forward svc/service-a 8080:80 | ||
|
||
Forwarding from 127.0.0.1:8080 -> 80 | ||
Forwarding from [::1]:8080 -> 80 | ||
Handling connection for 8080 | ||
``` | ||
|
||
|
||
|
||
update `/etc/hosts` to point to local - required sudo | ||
```bash | ||
127.0.0.1 kubernetes.docker.internal | ||
127.0.0.1 public.service-a.com | ||
127.0.0.1 public.service-b.com | ||
``` | ||
|
||
test the ingress | ||
```bash | ||
curl -ik https://public.service-a.com/path-a.html | ||
|
||
HTTP/2 200 | ||
date: Wed, 13 Mar 2024 17:28:46 GMT | ||
content-type: text/html | ||
content-length: 28 | ||
last-modified: Wed, 13 Mar 2024 15:00:04 GMT | ||
etag: "65f1bf74-1c" | ||
accept-ranges: bytes | ||
strict-transport-security: max-age=31536000; includeSubDomains | ||
|
||
"/path-a.html" on service-a | ||
``` | ||
|
||
|
||
Tailing ingress logs | ||
```bash | ||
k logs -f -n ingress-nginx ingress-nginx-controller-55474d95c5-6w42r | ||
|
||
192.168.65.3 - - [13/Mar/2024:15:14:16 +0000] "GET /path-a.html HTTP/2.0" 200 28 "-" "curl/8.4.0" 44 0.001 [default-service-a-80] [] 10.1.0.62:80 28 0.001 200 099a66ec2835412b7cbfebdf37282d4b | ||
``` | ||
|
||
|
||
- deploy more service | ||
- route by domain | ||
- SSL termination | ||
- extra configs - via ConfigMap - https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
apiVersion: networking.k8s.io/v1 | ||
kind: Ingress | ||
metadata: | ||
name: service-a | ||
spec: | ||
ingressClassName: nginx | ||
rules: | ||
- host: public.service-a.com | ||
http: | ||
paths: | ||
- path: / | ||
pathType: Prefix | ||
backend: | ||
service: | ||
name: service-a | ||
port: | ||
number: 80 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
apiVersion: v1 | ||
items: | ||
- apiVersion: v1 | ||
data: | ||
allow-snippet-annotations: "false" | ||
kind: ConfigMap | ||
metadata: | ||
annotations: | ||
kubectl.kubernetes.io/last-applied-configuration: | | ||
{"apiVersion":"v1","data":{"allow-snippet-annotations":"false"},"kind":"ConfigMap","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/managed-by":"Helm","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.10.0","helm.sh/chart":"ingress-nginx-4.10.0"},"name":"ingress-nginx-controller","namespace":"ingress-nginx"}} | ||
creationTimestamp: "2024-03-13T14:44:33Z" | ||
labels: | ||
app.kubernetes.io/component: controller | ||
app.kubernetes.io/instance: ingress-nginx | ||
app.kubernetes.io/managed-by: Helm | ||
app.kubernetes.io/name: ingress-nginx | ||
app.kubernetes.io/part-of: ingress-nginx | ||
app.kubernetes.io/version: 1.10.0 | ||
helm.sh/chart: ingress-nginx-4.10.0 | ||
name: ingress-nginx-controller | ||
namespace: ingress-nginx | ||
resourceVersion: "143334" | ||
uid: f9cc1b58-8e25-4f57-8fc5-6b189b9e2f0e | ||
- apiVersion: v1 | ||
data: | ||
ca.crt: | | ||
-----BEGIN CERTIFICATE----- | ||
MIIDBTCCAe2gAwIBAgIIe5ElpERcitIwDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE | ||
AxMKa3ViZXJuZXRlczAeFw0yNDAyMDcyMTA5NDRaFw0zNDAyMDQyMTE0NDRaMBUx | ||
EzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK | ||
AoIBAQCxeC3lFm5pGuejuf4qbNA97wGGYUhiJTCcK/gD1V0Vcala6A3pefa0CqQH | ||
4bx4bHbwnhCvDDlXBsorPCLyqU6aUSCDR4HiQEari2hfBQOgNSn/fMLt3JORaVKq | ||
Ef1LVt/vgWPGL0uUQ4NfQMZNbMCQPnExJuDDd1ffJXnJ7JkrfH46wTBVb6npwxBT | ||
oK6VeiI30zLjyHGrW7epO49NUQeGueaDm8J6vRol8SYfoxIP7mLKoGj+txKC78l1 | ||
+Y1pJ+LGykpeq8jeyCNj1Y6GIe9npY+J3dR2aOdyws2gzYm/WdZbuhXinfDJTzt8 | ||
Wi3xOyF47iiJtLjWW3XVkC2PumoLAgMBAAGjWTBXMA4GA1UdDwEB/wQEAwICpDAP | ||
BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQ5XHN0JzB0G9RI/9rSq4FvOX8GoTAV | ||
BgNVHREEDjAMggprdWJlcm5ldGVzMA0GCSqGSIb3DQEBCwUAA4IBAQAJq7EqVbN6 | ||
ItTITvZDo+7WvFjtPAdZ0j0snKtwoVwYCd5ks3fsh2+5L+6GLRLOOPhIzD6F7/18 | ||
RTrY+qrSZiGk2PUVdfBECcAYHV+lvkq6OpLVZsrfPBD2wIPYGp2baeLLeIPXaLYe | ||
BZ/+M7r94+XRTonpeJkMJyedUlHrfOtReokI7OgVkDEEHnbDUSu01zFagRG7Tcyc | ||
VvYKrk9PTi/vD+QIPLpX3RnZ5OxvSkQ8u/PXgjfjvCxd4Vvh5UqeQLHPDQST/qyA | ||
MQMo0pI+oQATtIP4KAAsv7Ub15hVFhcjnlyQs3zMchuqgLEOq3K/pkieIP5JINTr | ||
xt1PafI3UBuB | ||
-----END CERTIFICATE----- | ||
kind: ConfigMap | ||
metadata: | ||
annotations: | ||
kubernetes.io/description: Contains a CA bundle that can be used to verify the | ||
kube-apiserver when using internal endpoints such as the internal service | ||
IP or kubernetes.default.svc. No other usage is guaranteed across distributions | ||
of Kubernetes clusters. | ||
creationTimestamp: "2024-03-13T14:44:28Z" | ||
name: kube-root-ca.crt | ||
namespace: ingress-nginx | ||
resourceVersion: "143327" | ||
uid: 6eca69a8-3266-4486-a8c2-d30e100c0642 | ||
kind: List | ||
metadata: | ||
resourceVersion: "" |