diff --git a/Ingress/README.md b/Ingress/README.md new file mode 100644 index 0000000..de82672 --- /dev/null +++ b/Ingress/README.md @@ -0,0 +1,95 @@ +# Ingress demonstration +This is a demonstration of how to use Kubernetes Ingress to route traffic to different services in your cluster based on different paths. + +## Install nginx-ingress controller : +To get started, you will need to install the nginx-ingress controller in your Kubernetes cluster by running the following command: + +``` +kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml +``` + +This will deploy the nginx-ingress controller as a Deployment in your cluster. + +## Create Deployments +Next, you will need to create some sample Deployments to route traffic to. Run the following commands to create the Deployments: + +``` +kubectl create deploy sample-1 --image=devopsprosamples/next-path-sample-1 +kubectl create deploy sample-2 --image=devopsprosamples/next-path-sample-2 +kubectl create deploy sample-3 --image=devopsprosamples/next-sample-1 +kubectl create deploy sample-4 --image=devopsprosamples/next-sample-2 +``` + +These commands will create four sample Deployments with different images. + +## Create services +After you have created the Deployments, you will need to create Services for each of them. Run the following commands to create the Services: + +``` +kubectl expose deploy sample-1 --type=ClusterIP --port=3000 +kubectl expose deploy sample-2 --type=ClusterIP --port=3000 +kubectl expose deploy sample-3 --type=ClusterIP --port=3000 +kubectl expose deploy sample-4 --type=ClusterIP --port=3000 +``` + +These commands will create four Services with ClusterIP type for each of the sample Deployments. + +## Create Ingress resource +Now that you have created the Services, you can create an Ingress resource to route traffic to them based on different paths. To create the Ingress resource, run the following command: + +``` +kubectl apply -f ingress-resource.yaml +``` + +This will create an Ingress resource with rules to route traffic to the sample Services based on different paths. + +## Install certificate manager +If you want to use HTTPS with your Ingress, you will need to install a certificate manager. Run the following command to install the Jetstack cert-manager: + +``` +kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.7.1/cert-manager.yaml +``` + +This will install the cert-manager as a Deployment in your cluster. + +## Create Clusterissuer +After you have installed the cert-manager, you can create a Clusterissuer to issue SSL certificates for your Ingress. Run the following commands to create the staging and production Clusterissuers: + +``` +kubectl apply -f staging_issuer.yaml +kubectl apply -f prod_issuer.yaml +``` + +These commands will create two Clusterissuers, one for staging and one for production. + +## Other Commands +Here are some other useful commands to help you manage your Kubernetes cluster: + +#### To view deployments +``` +kubectl get deploy +``` +#### To view services +``` +kubectl get svc +``` +#### To view ingress +``` +kubectl get ing +``` +#### To describe ingress +``` +kubectl describe ing +``` +#### To view clusterissuer +``` +kubectl get clusterissuer +``` +#### To view certificate +``` +kubectl get certificate +``` +#### To describe certificate +``` +kubectl describe certificate +``` diff --git a/Ingress/ingress-resource.yaml b/Ingress/ingress-resource.yaml new file mode 100644 index 0000000..e5070cb --- /dev/null +++ b/Ingress/ingress-resource.yaml @@ -0,0 +1,53 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: example-ingress + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-prod" + kubernetes.io/ingress.class: "nginx" +spec: + tls: + - hosts: + - + secretName: tls-secret + rules: + - host: "" + http: + paths: + - pathType: Prefix + path: /sample-1 + backend: + service: + name: sample-1 + port: + number: 3000 + - host: "" + http: + paths: + - pathType: Prefix + path: /sample-2 + backend: + service: + name: sample-2 + port: + number: 3000 + - host: "" + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: sample-3 + port: + number: 3000 + - host: "" + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: sample-4 + port: + number: 3000 diff --git a/Ingress/prod_issuer.yaml b/Ingress/prod_issuer.yaml new file mode 100644 index 0000000..530a0f2 --- /dev/null +++ b/Ingress/prod_issuer.yaml @@ -0,0 +1,19 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-prod + namespace: cert-manager +spec: + acme: + # The ACME server URL + server: https://acme-v02.api.letsencrypt.org/directory + # Email address used for ACME registration + email: user@gmail.com + # Name of a secret used to store the ACME account private key + privateKeySecretRef: + name: letsencrypt-prod + # Enable the HTTP-01 challenge provider + solvers: + - http01: + ingress: + class: nginx diff --git a/Ingress/staging_issuer.yaml b/Ingress/staging_issuer.yaml new file mode 100644 index 0000000..e3efc02 --- /dev/null +++ b/Ingress/staging_issuer.yaml @@ -0,0 +1,19 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-staging + namespace: cert-manager +spec: + acme: + # The ACME server URL + server: https://acme-staging-v02.api.letsencrypt.org/directory + # Email address used for ACME registration + email: user@gmail.com + # Name of a secret used to store the ACME account private key + privateKeySecretRef: + name: letsencrypt-staging + # Enable the HTTP-01 challenge provider + solvers: + - http01: + ingress: + class: nginx