K8s/Ingress: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
 
(41 intermediate revisions by the same user not shown)
Line 44: Line 44:
|-
|-
|valign='top'|
|valign='top'|
===Internal » HAProxy===
<syntaxhighlight lang="yaml">
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: haproxy
  namespace: internal
  labels:
    app.kubernetes.io/version: 1.0.0
    app.kubernetes.io/managed-by: kubectl
    app.kubernetes.io/name: minikube-host
    app.kubernetes.io/instance: minikube-host
spec:
  ingressClassName: nginx
  rules:
    - host: "host.k8s.local"
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: minikube-host
                port:
                  number: 80
YML
</syntaxhighlight>
|valign='top'|
===Internal » Apache===
<syntaxhighlight lang="yaml">
<syntaxhighlight lang="yaml">
cat << YML | kubectl apply -n internal -f -
cat << YML | kubectl apply -n internal -f -
Line 60: Line 92:
   ingressClassName: nginx
   ingressClassName: nginx
   rules:
   rules:
     - host: "host.k8s.local"
     - host: "apache.host.k8s.local"
       http:
       http:
         paths:
         paths:
Line 74: Line 106:


|valign='top'|
|valign='top'|
===Internal » Nginx===
<syntaxhighlight lang="yaml" line>
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx
  namespace: internal
  labels:
    app.kubernetes.io/version: 1.0.0
    app.kubernetes.io/managed-by: kubectl
    app.kubernetes.io/name: minikube-host
    app.kubernetes.io/instance: minikube-host
spec:
  ingressClassName: nginx
  rules:
    - host: "nginx.host.k8s.local"
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: minikube-host
                port:
                  number: 2015
YML
</syntaxhighlight>
|-
|colspan='3'|
----
|-
|valign='top'|
===Internal » GitLab===
<syntaxhighlight lang="yaml">
<syntaxhighlight lang="yaml">
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: gitlab
  namespace: internal
  labels:
    app.kubernetes.io/version: 1.0.0
    app.kubernetes.io/managed-by: kubectl
    app.kubernetes.io/name: minikube-host
    app.kubernetes.io/instance: minikube-host
spec:
  ingressClassName: nginx
  rules:
    - host: "gitlab.host.k8s.local"
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: minikube-host
                port:
                  number: 1080
YML
</syntaxhighlight>
|valign='top'|
===Internal » MinIO===
<syntaxhighlight lang="yaml" highlight="14,18,28" line>
cat << YML | kubectl apply -n internal -f -
cat << YML | kubectl apply -n internal -f -
---
---
Line 87: Line 186:
     app.kubernetes.io/name: minikube-host
     app.kubernetes.io/name: minikube-host
     app.kubernetes.io/instance: minikube-host
     app.kubernetes.io/instance: minikube-host
  annotations:
    nginx.ingress.kubernetes.io/proxy-body-size: '0'
spec:
spec:
   ingressClassName: nginx
   ingressClassName: nginx
Line 100: Line 201:
                 port:
                 port:
                   number: 9801
                   number: 9801
           - path: /files/
    - host: "s3.host.k8s.local"
      http:
        paths:
           - path: /
             pathType: ImplementationSpecific
             pathType: ImplementationSpecific
             backend:
             backend:
Line 112: Line 216:
|valign='top'|
|valign='top'|


|}
==Ingress » Nginx==
{|
|valign='top'|
===ConfigMap » tcp-services===
<syntaxhighlight lang="yaml" highlight="6,13-14">
cat << YML | kubectl apply -n ingress-nginx -f -
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: tcp-services
  namespace: ingress-nginx
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
data:
  5432: "postgresql/postgresql:5432"
  6379: "redis/redis-headless:6379"
YML
</syntaxhighlight>
|valign='top'|
===ConfigMap » udp-services===
<syntaxhighlight lang="yaml" highlight="6,13" line>
cat << YML | kubectl apply -n ingress-nginx -f -
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: udp-services
  namespace: ingress-nginx
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
data:
  1194: "internal/minikube-host:1194"
  53: "kube-system/kube-dns:53"
YML
</syntaxhighlight>
|-
| colspan="2" |
----
|-
| colspan="2" |
===Service » ingress-nginx===
<syntaxhighlight lang="yaml">
cat << YML | kubectl apply -n ingress-nginx -f -
---
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx
  namespace: ingress-nginx
  labels:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
spec:
  type: LoadBalancer
  ports:
    - name: http
      port: 80
      targetPort: 80
      protocol: TCP
    - name: https
      port: 443
      targetPort: 443
      protocol: TCP
    - name: proxied-tcp-5432
      port: 5432
      targetPort: 5432
      protocol: TCP
    - name: proxied-tcp-6379
      port: 6379
      targetPort: 6379
      protocol: TCP
    - name: proxied-udp-1194
      port: 1194
      targetPort: 1194
      protocol: UDP
    - name: proxied-udp-53
      port: 53
      targetPort: 53
      protocol: UDP
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
YML
</syntaxhighlight>
|-
| colspan="2" |
----
|-
| colspan="2" |
<syntaxhighlight lang="bash">
kubectl -n ingress-nginx rollout restart deploy/ingress-nginx-controller
kubectl -n ingress-nginx rollout history deploy/ingress-nginx-controller
kubectl -n ingress-nginx rollout status  deploy/ingress-nginx-controller
</syntaxhighlight>
|}
==Minikube » Tunnel==
{|
|valign='top'|
<syntaxhighlight lang="bash">
# check minikube user either exists or not
cat /etc/passwd|grep minikube
sudo usermod -aG sudo minikube
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang="bash">
# minikube no-password sudo access add to EOL
sudo visudo
minikube ALL=(ALL) NOPASSWD: ALL
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang="bash">
# login to minikube user and start tunneling
sudo -i -u minikube
minikube tunnel
</syntaxhighlight>
|}
|}


==Playground==
==Playground==
{|
{|
|colspan='3'|
<syntaxhighlight lang="bash">
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat template/nginx.tmpl
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat /etc/resolv.conf
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat nginx.conf
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat /etc/hosts
</syntaxhighlight>
|-
|colspan='3'|
----
|-
|valign='top'|
|valign='top'|
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
Line 144: Line 390:
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
kubectl get all -A
kubectl get all -A
kubectl get all
kubectl get ns
kubectl get ns
</syntaxhighlight>
</syntaxhighlight>
|valign='top' colspan='2'|
<syntaxhighlight lang="bash">
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -c controller -- bash
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- bash
</syntaxhighlight>
|-
|colspan='3'|
----
|-
|valign='top'|
sudo vim /etc/apache2/sites-enabled/000-default.conf
sudo vim /etc/apache2/ports.conf
sudo apachectl -t


|valign='top'|
|valign='top'|
sudo systemctl restart apache2.service
sudo systemctl reload apache2.service
systemctl status apache2.service


|valign='top'|
|valign='top'|
Line 158: Line 421:
|valign='top'|
|valign='top'|
* [https://stackoverflow.com/questions/67708284/ K8s » Ingress » Connect to external service]
* [https://stackoverflow.com/questions/67708284/ K8s » Ingress » Connect to external service]
* [https://kubernetes.github.io/ingress-nginx/user-guide/exposing-tcp-udp-services/ K8s » Ingress » Exposing TCP/UDP services]
* [https://kubernetes.github.io/ingress-nginx/user-guide/fcgi-services/ K8s » Ingress » Exposing FastCGI Servers]
* [https://stackoverflow.com/questions/59844622/ K8s » Ingress » Different namespaces]
* [https://stackoverflow.com/questions/59844622/ K8s » Ingress » Different namespaces]
* [https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/custom-template/ K8s » Ingress » Custom Template]
* [https://stackoverflow.com/questions/57764237/ K8s » Ingress » External Service]
* [https://stackoverflow.com/questions/57764237/ K8s » Ingress » External Service]
* [https://kubernetes.github.io/ingress-nginx/user-guide/ingress-path-matching/ K8s » Ingress » Path Matching]
* [https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/ K8s » Ingress » Annotations]
* [https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/ K8s » Ingress » ConfigMaps]
* [https://kubernetes.io/docs/concepts/services-networking/ingress/ K8s » Ingress]
* [https://kubernetes.io/docs/concepts/services-networking/ingress/ K8s » Ingress]


|valign='top'|
|valign='top'|
* [https://medium.com/@heshani.samarasekara/expose-tcp-services-through-ingress-nginx-controller-ef135dbfae4d K8s » Ingress » Expose TCP services]
* [https://stackoverflow.com/questions/60309108/ K8s » Ingress » Disable HSTS]
* [https://docs.k0sproject.io/v1.27.1+k0s.0/examples/ambassador-ingress/ K8s » Ingress » Ambassador]
* [https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md K8s » Ingress » Annotations]
* [https://stackoverflow.com/questions/51744536/ K8s » Ingress » CORS Rules]
* [https://docs.k0sproject.io/v1.27.1+k0s.0/examples/metallb-loadbalancer/ K8s » Ingress » MetalLB]
* [https://docs.k0sproject.io/v1.27.1+k0s.0/examples/traefik-ingress/ K8s » Ingress » Traefik]
* [[K8s/Swiss Knife|K8s » Swiss Knife]]
* [[K8s/Service|K8s » Service]]
* [[K8s/Run|K8s » Run]]


|valign='top'|
|valign='top'|
* [https://medium.com/@luis.laredo.vel/configuring-pgadmin-to-access-the-backstage-databases-in-a-kubernetes-cluster-953ee087e41d K8s » Configuring PgAdmin4]
* [[K8s/CSI Hostpath Driver|K8s » CSI Hostpath Driver]]


|-
|-
Line 183: Line 464:


|valign='top'|
|valign='top'|
* [https://www.uptimia.com/questions/how-to-change-the-default-port-for-nginx Nginx » Change The Default Port]
* [[Minikube Ingress DNS|Minikube » Ingress » DNS]]
* [[Minikube Ingress DNS|Minikube » Ingress » DNS]]
* [[Minikube Systemd|Minikube » Systemd]]
* [[Minikube Registry|Minikube » Registry]]
* [[Minikube Tunnel|Minikube » Tunnel]]
* [[Kubectl]]
* [[Kubectl]]
* [[Ansible]]
* [[Ansible]]
Line 191: Line 476:


|valign='top'|
|valign='top'|
 
* [https://support.severalnines.com/hc/en-us/articles/212427063 Apache » Change The Default Port]
|}
|}

Latest revision as of 17:23, 16 November 2024

External

kubectl get ns|grep external
kubectl delete namespace external
kubectl create namespace external

Internal

kubectl get ns|grep internal
kubectl delete namespace internal
kubectl create namespace internal

cat << YML|kubectl apply -n internal -f -
---
apiVersion: v1
kind: Service
metadata:
  name: minikube-host
  namespace: internal
  labels:
    app.kubernetes.io/version: 1.0.0
    app.kubernetes.io/managed-by: kubectl
    app.kubernetes.io/name: minikube-host
    app.kubernetes.io/instance: minikube-host
spec:
  type: ExternalName
  externalName: host.minikube.internal
YML

Internal » HAProxy

cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: haproxy
  namespace: internal
  labels:
    app.kubernetes.io/version: 1.0.0
    app.kubernetes.io/managed-by: kubectl
    app.kubernetes.io/name: minikube-host
    app.kubernetes.io/instance: minikube-host
spec:
  ingressClassName: nginx
  rules:
    - host: "host.k8s.local"
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: minikube-host
                port:
                  number: 80
YML

Internal » Apache

cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: apache
  namespace: internal
  labels:
    app.kubernetes.io/version: 1.0.0
    app.kubernetes.io/managed-by: kubectl
    app.kubernetes.io/name: minikube-host
    app.kubernetes.io/instance: minikube-host
spec:
  ingressClassName: nginx
  rules:
    - host: "apache.host.k8s.local"
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: minikube-host
                port:
                  number: 2013
YML

Internal » Nginx

cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx
  namespace: internal
  labels:
    app.kubernetes.io/version: 1.0.0
    app.kubernetes.io/managed-by: kubectl
    app.kubernetes.io/name: minikube-host
    app.kubernetes.io/instance: minikube-host
spec:
  ingressClassName: nginx
  rules:
    - host: "nginx.host.k8s.local"
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: minikube-host
                port:
                  number: 2015
YML

Internal » GitLab

cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: gitlab
  namespace: internal
  labels:
    app.kubernetes.io/version: 1.0.0
    app.kubernetes.io/managed-by: kubectl
    app.kubernetes.io/name: minikube-host
    app.kubernetes.io/instance: minikube-host
spec:
  ingressClassName: nginx
  rules:
    - host: "gitlab.host.k8s.local"
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: minikube-host
                port:
                  number: 1080
YML

Internal » MinIO

cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: minio
  namespace: internal
  labels:
    app.kubernetes.io/version: 1.0.0
    app.kubernetes.io/managed-by: kubectl
    app.kubernetes.io/name: minikube-host
    app.kubernetes.io/instance: minikube-host
  annotations:
    nginx.ingress.kubernetes.io/proxy-body-size: '0'
spec:
  ingressClassName: nginx
  rules:
    - host: "minio.host.k8s.local"
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: minikube-host
                port:
                  number: 9801
    - host: "s3.host.k8s.local"
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: minikube-host
                port:
                  number: 9800
YML

Ingress » Nginx

ConfigMap » tcp-services

cat << YML | kubectl apply -n ingress-nginx -f -
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: tcp-services
  namespace: ingress-nginx
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
data:
  5432: "postgresql/postgresql:5432"
  6379: "redis/redis-headless:6379"
YML

ConfigMap » udp-services

cat << YML | kubectl apply -n ingress-nginx -f -
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: udp-services
  namespace: ingress-nginx
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
data:
  1194: "internal/minikube-host:1194"
  53: "kube-system/kube-dns:53"
YML

Service » ingress-nginx

cat << YML | kubectl apply -n ingress-nginx -f -
---
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx
  namespace: ingress-nginx
  labels:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
spec:
  type: LoadBalancer
  ports:
    - name: http
      port: 80
      targetPort: 80
      protocol: TCP
    - name: https
      port: 443
      targetPort: 443
      protocol: TCP
    - name: proxied-tcp-5432
      port: 5432
      targetPort: 5432
      protocol: TCP
    - name: proxied-tcp-6379
      port: 6379
      targetPort: 6379
      protocol: TCP
    - name: proxied-udp-1194
      port: 1194
      targetPort: 1194
      protocol: UDP
    - name: proxied-udp-53
      port: 53
      targetPort: 53
      protocol: UDP
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
YML

kubectl -n ingress-nginx rollout restart deploy/ingress-nginx-controller
kubectl -n ingress-nginx rollout history deploy/ingress-nginx-controller
kubectl -n ingress-nginx rollout status  deploy/ingress-nginx-controller

Minikube » Tunnel

# check minikube user either exists or not
cat /etc/passwd|grep minikube
sudo usermod -aG sudo minikube
# minikube no-password sudo access add to EOL
sudo visudo
minikube ALL=(ALL) NOPASSWD: ALL
# login to minikube user and start tunneling
sudo -i -u minikube
minikube tunnel

Playground

kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat template/nginx.tmpl
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat /etc/resolv.conf
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat nginx.conf
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat /etc/hosts

kubectl -n external get endpoints
kubectl -n external get service
kubectl -n external get ingress
kubectl -n internal get endpoints
kubectl -n internal get service
kubectl -n internal get ingress
kubectl config get-contexts
sudo -i -u minikube
helm list -A

kubectl get all -A
kubectl get ns
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -c controller -- bash
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- bash

sudo vim /etc/apache2/sites-enabled/000-default.conf
sudo vim /etc/apache2/ports.conf
sudo apachectl -t
sudo systemctl restart apache2.service
sudo systemctl reload apache2.service
systemctl status apache2.service

References