The Modern Full Life Cycle of a Web Application - Ingress Controller
Intro
This article continues the cycle of the “The Modern Full Life Cycle of a Web Application” articles series.
Please find the previous ones on the following links:
The Modern Full Life Cycle of a Web Application - Intro
The Modern Full Life Cycle of a Web Application - The Stack
The Modern Full Life Cycle of a Web Application - Local K8s Cluster
The Modern Full Life Cycle of a Web Application - TLS Certificates
Deploy the Ingress Controller and the TLS certificates
Enable the Ingress Controller
% minikube addons enable ingressCheck the Ingress Controller is working.
% kubectl get pods -n ingress-nginx
NAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create--1-wg8gc 0/1 Completed 0 91m
ingress-nginx-admission-patch--1-6vfsf 0/1 Completed 0 91m
ingress-nginx-controller-69bdbc4d57-krqmq 1/1 Running 0 91mThe setup needs the Nginx to terminate the TLS. For this to happen I am going to set a self signed certificate and hook it to the Nginx configuration.
Deploy the certificate issuer object
% cat <<EOF | kubectl apply -f -apiVersion: cert-manager.io/v1kind: Issuermetadata: name: demo-webapp-selfsignedspec: selfSigned: {}EOFCheck the certificate issuer object
% kubectl get issuerNAME READY AGEdemo-webapp-selfsigned True 17mDeploy the certificate object
cat <<EOF | kubectl apply -f -apiVersion: cert-manager.io/v1kind: Certificatemetadata: name: selfsigned-certspec: commonName: "demo-webapp.website" dnsNames: - "demo-webapp.website" secretName: selfsigned-cert-tls issuerRef: name: demo-webapp-selfsignedEOFCheck the certificate object
% kubectl get certNAME READY SECRET AGEselfsigned-cert True selfsigned-cert-tls 16mDeploy the ingress object
% cat << EOF | kubectl apply -f -apiVersion: networking.k8s.io/v1kind: Ingressmetadata: name: demo-webapp annotations: # use the shared ingress-nginx kubernetes.io/ingress.class: "nginx"spec: tls: - hosts: - "demo-webapp.website" secretName: tls-secret rules: - host: "demo-webapp.website" http: paths: - path: / pathType: ImplementationSpecific backend: service: name: my-juice-shop port: number: 3000EOFCheck the ingress object
% kubectl get ingNAME CLASS HOSTS ADDRESS PORTS AGEdemo-webapp <none> demo-webapp.website 192.168.64.5 80, 443 8mSign up now so you don’t miss the next issue.
In the meantime, tell your friends!