The Modern Full Life Cycle of a Web Application - Ingress Controller
Intro
This article continues the cycle of the “The Modern Full Life Cycle of a Web Application” articles series.
Please find the previous ones on the following links:
The Modern Full Life Cycle of a Web Application - Intro
The Modern Full Life Cycle of a Web Application - The Stack
The Modern Full Life Cycle of a Web Application - Local K8s Cluster
The Modern Full Life Cycle of a Web Application - TLS Certificates
Deploy the Ingress Controller and the TLS certificates
Enable the Ingress Controller
% minikube addons enable ingress
Check the Ingress Controller is working.
% kubectl get pods -n ingress-nginx
NAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create--1-wg8gc 0/1 Completed 0 91m
ingress-nginx-admission-patch--1-6vfsf 0/1 Completed 0 91m
ingress-nginx-controller-69bdbc4d57-krqmq 1/1 Running 0 91m
The setup needs the Nginx to terminate the TLS. For this to happen I am going to set a self signed certificate and hook it to the Nginx configuration.
Deploy the certificate issuer object
% cat <<EOF | kubectl apply -f -
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: demo-webapp-selfsigned
spec:
selfSigned: {}
EOF
Check the certificate issuer object
% kubectl get issuer
NAME READY AGE
demo-webapp-selfsigned True 17m
Deploy the certificate object
cat <<EOF | kubectl apply -f -
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: selfsigned-cert
spec:
commonName: "demo-webapp.website"
dnsNames:
- "demo-webapp.website"
secretName: selfsigned-cert-tls
issuerRef:
name: demo-webapp-selfsigned
EOF
Check the certificate object
% kubectl get cert
NAME READY SECRET AGE
selfsigned-cert True selfsigned-cert-tls 16m
Deploy the ingress object
% cat << EOF | kubectl apply -f -
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: demo-webapp
annotations:
# use the shared ingress-nginx
kubernetes.io/ingress.class: "nginx"
spec:
tls:
- hosts:
- "demo-webapp.website"
secretName: tls-secret
rules:
- host: "demo-webapp.website"
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: my-juice-shop
port:
number: 3000
EOF
Check the ingress object
% kubectl get ing
NAME CLASS HOSTS ADDRESS PORTS AGE
demo-webapp <none> demo-webapp.website 192.168.64.5 80, 443 8m
Sign up now so you don’t miss the next issue.
In the meantime, tell your friends!