Skip to content

inlets/ingress-example

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

History

2 Commits
README.md
README.md
deployment.yaml
deployment.yaml
ingress.yml
ingress.yml
issuer.yml
issuer.yml
service.yaml
service.yaml

Repository files navigation

Ingress example with HTTPS

This repository shows you how to create various Kubernetes resources for serving a simple HTTP service over HTTPS using Let's Encrypt.

  • Deployment - this creates a Pod in Kubernetes based upon a simple HTTP server image from OpenFaaS
  • Service - this maps a stable IP address to any Pods created by the Deployment
  • Ingress - integrates with an Ingress Controller to route traffic from the Internet to the Service, and to set up TLS termination
  • Issuer - a custom CRD from cert-manger to request certificates from Let's Encrypt

Steps

You'll first install the pre-requisites, then create the Deployment, Service, Issuer, and Ingress objects.

If you want to use traefik instead, just switch out the ingressClassName and skip the arkade install ingress-nginx step.

If you don't have a Kubernetes cluster to hand, but have Docker running, then you can run:

kind create cluster --name inlets-cloud-test

If you don't have Docker available, but can create a Linux VM somewhere, then you can install K3s with k3sup locally on the host:

curl -sLS https://get.k3sup.dev | sh k3sup install --local

Or remotely from your own computer via SSH using k3sup install --ip IP --user USER.

Setup ingress-nginx, cert-manager, etc

curl -sLS https://get.arkade.dev | sudo sh arkade install ingress-nginx arkade install cert-manager

Or install these packages using their various README files or Helm charts.

Create the Deployment

kubectl apply -f deployment.yml

Create the Service

kubectl apply -f service.yml

Create the Issuer

export DOMAIN=nodeinfo.example.com export CLASS=nginx cat > issuer.yml <<EOFapiVersion: cert-manager.io/v1kind: Issuermetadata: name: letsencrypt-prodspec: acme: server: https://acme-v02.api.letsencrypt.org/directory email: webmaster@${DOMAIN} privateKeySecretRef: name: letsencrypt-prod solvers: - http01: ingress: class: $CLASSEOF kubectl apply -f issuer.yml

Create the Ingress

export DOMAIN=nodeinfo.example.com export CLASS=nginx export NAME=nodeinfo cat > ingress.yml <<EOFapiVersion: networking.k8s.io/v1kind: Ingressmetadata: name: $NAME annotations: cert-manager.io/issuer: "letsencrypt-prod"spec: ingressClassName: $CLASS rules: - host: "$DOMAIN" http: paths: - path: / pathType: Prefix backend: service: name: $NAME port: number: 8080 tls: - hosts: - "$DOMAIN" secretName: ${NAME}-tlsEOF kubectl apply -f ingress.yml

Check the progress of the certificates

kubectl get certificate kubectl describe certificate

Access the service

export DOMAIN=nodeinfo.example.com echo"https://$DOMAIN"

About

Example of Kubernetes Ingress

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published