Compare commits

...

4 Commits

Author SHA1 Message Date
350f17fd36 Add letsencrypt 2022-03-07 14:15:56 +00:00
822cd4a3ef Update READEME 2022-02-09 14:08:25 +13:00
5366d94508 Change domain 2022-02-09 14:08:09 +13:00
94fff2eb22 Use tls 2022-02-09 14:02:00 +13:00
7 changed files with 112 additions and 4 deletions

View File

@@ -1,5 +1,25 @@
# K8s setup with Nignx Ingress
```kubectl apply -f k8s/ingress```
Edit hosts file on host machine
Get ip of vm
```ip -o a | grep ens```
```sudo nano /etc/hosts```
```<ip> ingress.local```
http://ingress.local
http://ingress.local/v2
https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#server-side-https-enforcement-through-redirect
https://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/
https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/
```kubectl apply -f k8s/ingress```

View File

@@ -4,10 +4,11 @@ metadata:
name: web-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/preserve-trailing-slash: "true"
spec:
rules:
- host: hello-world.info
http:
- http:
paths:
- path: /
pathType: Prefix
@@ -23,4 +24,7 @@ spec:
service:
name: web2
port:
number: 8080
number: 8080
tls:
- hosts:
- ingress.local

1
letsencrypt/README.md Normal file
View File

@@ -0,0 +1 @@
https://stackoverflow.com/questions/67430592/how-to-setup-letsencrypt-with-kubernetes-microk8s-using-default-ingress

View File

@@ -0,0 +1,24 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-routes
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
spec:
tls:
- hosts:
#change to your domain
- k8s.technical.kiwi
secretName: tls-secret
rules:
#change yourdomain.com to your domain
- host: k8s.technical.kiwi
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: webserver-svc
port:
number: 80

View File

@@ -0,0 +1,15 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
#change to your email
email: admin@technical.kiwi
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- http01:
ingress:
class: public

View File

@@ -0,0 +1,15 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
spec:
acme:
#change to your email
email: admin@technical.kiwi
server: https://acme-staging-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: letsencrypt-staging
solvers:
- http01:
ingress:
class: public

View File

@@ -0,0 +1,29 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: webserver-depl
spec:
selector:
matchLabels:
app: webserver-app
template:
metadata:
labels:
app: webserver-app
spec:
containers:
- name: webserver-app
image: nginx:1.8
---
apiVersion: v1
kind: Service
metadata:
name: webserver-svc
spec:
selector:
app: webserver-app
ports:
- name: webserver-app
protocol: TCP
port: 80
targetPort: 80