technicalkiwi/k8s
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: technicalkiwi:371cb2885e216202954f3a43f59c39029c7228fd
Branches Tags
technicalkiwi:master
..
compare: technicalkiwi:master
Branches Tags
technicalkiwi:master

12 Commits
371cb2885e ... master

Author SHA1 Message Date
Jimmy
350f17fd36 Add letsencrypt 2022-03-07 14:15:56 +00:00
Jimmy
822cd4a3ef Update READEME 2022-02-09 14:08:25 +13:00
Jimmy
5366d94508 Change domain 2022-02-09 14:08:09 +13:00
Jimmy
94fff2eb22 Use tls 2022-02-09 14:02:00 +13:00
Jimmy
839104e6d8 Update README 2022-02-09 13:44:11 +13:00
Jimmy
dd0b70e779 Add service config 2022-02-09 13:43:17 +13:00
Jimmy
1fb2dcf040 Add deploment config 2022-02-09 13:42:55 +13:00
Jimmy
768935528b Rename 2022-02-09 13:42:27 +13:00
Jimmy
5188b5b65e Fix snap alias 2022-02-09 13:32:32 +13:00
Jimmy
82b4704f13 Ingress example 2022-02-08 23:55:21 +13:00
Jimmy
8962d42a81 alias kubectl 2022-02-08 23:33:56 +13:00
Jimmy
abfc7ef8c9 fix perms 2022-02-08 23:33:04 +13:00
12 changed files with 203 additions and 5 deletions
Expand all files Collapse all files

7
cloud-init.yaml
View File

@@ -7,9 +7,6 @@ packages:
snap:
commands:
- ["install", "microk8s", "--classic"]
- ["install", "kubectl", "--classic"]
system_info:
default_user:
@@ -20,7 +17,7 @@ system_info:
runcmd:
- mkdir -p /home/ubuntu/.kube /home/ubuntu/.config/fish/completions
- microk8s config > /home/ubuntu/.kube/config
- snap alias microk8s.kubectl kubectl
- kubectl completion fish > /home/ubuntu/.config/fish/completions/kubectl.fish
- chown -R ubuntu:ubuntu /home/ubuntu/.kube /home/ubuntu/.config/fish/completions
- chown -R ubuntu:ubuntu /home/ubuntu/.kube /home/ubuntu/.config/fish
- microk8s enable dns ingress dashboard helm helm3

25
ingress/README.md Normal file
View File

@@ -0,0 +1,25 @@
# K8s setup with Nignx Ingress
```kubectl apply -f k8s/ingress```
Edit hosts file on host machine
Get ip of vm
```ip -o a | grep ens```
```sudo nano /etc/hosts```
```<ip> ingress.local```
http://ingress.local
http://ingress.local/v2
https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#server-side-https-enforcement-through-redirect
https://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/
https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/

19
ingress/web-deplyment.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: web
spec:
selector:
matchLabels:
run: web
replicas: 1
template:
metadata:
labels:
run: web
spec:
containers:
- name: web
image: gcr.io/google-samples/hello-app:1.0
ports:
- containerPort: 80

30
ingress/web-ingress.yaml Normal file
View File

@@ -0,0 +1,30 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: web-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/preserve-trailing-slash: "true"
spec:
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: web
port:
number: 8080
- path: /v2
pathType: Prefix
backend:
service:
name: web2
port:
number: 8080
tls:
- hosts:
- ingress.local

12
ingress/web-service.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: web
labels:
run: web
spec:
ports:
- port: 8080
protocol: TCP
selector:
run: web

19
ingress/web2-deplyment.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: web2
spec:
selector:
matchLabels:
run: web2
replicas: 3
template:
metadata:
labels:
run: web2
spec:
containers:
- name: web2
image: gcr.io/google-samples/hello-app:2.0
ports:
- containerPort: 80

12
ingress/web2-service.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: web2
labels:
run: web2
spec:
ports:
- port: 8080
protocol: TCP
selector:
run: web2

1
letsencrypt/README.md Normal file
View File

@@ -0,0 +1 @@
https://stackoverflow.com/questions/67430592/how-to-setup-letsencrypt-with-kubernetes-microk8s-using-default-ingress

24
letsencrypt/ingress-routes.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-routes
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
spec:
tls:
- hosts:
#change to your domain
- k8s.technical.kiwi
secretName: tls-secret
rules:
#change yourdomain.com to your domain
- host: k8s.technical.kiwi
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: webserver-svc
port:
number: 80

15
letsencrypt/letsencrypt-prod.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
#change to your email
email: admin@technical.kiwi
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- http01:
ingress:
class: public

15
letsencrypt/letsencrypt-staging.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
spec:
acme:
#change to your email
email: admin@technical.kiwi
server: https://acme-staging-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: letsencrypt-staging
solvers:
- http01:
ingress:
class: public

29
letsencrypt/webserver-depl-svc.yaml Normal file
View File

@@ -0,0 +1,29 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: webserver-depl
spec:
selector:
matchLabels:
app: webserver-app
template:
metadata:
labels:
app: webserver-app
spec:
containers:
- name: webserver-app
image: nginx:1.8
---
apiVersion: v1
kind: Service
metadata:
name: webserver-svc
spec:
selector:
app: webserver-app
ports:
- name: webserver-app
protocol: TCP
port: 80
targetPort: 80