INGRESS

By /

Here is a detailed step-by-step guide based on the instructions you’ve provided:

Step 1: Install Helm

Run the following command to install Helm on your system:

curl -sSL https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash

Step 2: Deploy NGINX Ingress Controller

Use Helm to deploy the NGINX Ingress Controller:

helm upgrade --install ingress-nginx ingress-nginx \
  --repo https://kubernetes.github.io/ingress-nginx \
  --namespace ingress-nginx --create-namespace
  • This command installs the Ingress Controller into the namespace ingress-nginx.

Verify the installation:

kubectl get all --namespace=ingress-nginx

Check the service ingress-nginx-controller to find the NodePort:

kubectl get svc --namespace=ingress-nginx

Access the default “Not Found” page to confirm that the Ingress Controller is working:

http://<Public-IP>:<NodePort>

Step 3: Create a Namespace for Your Application

Create a namespace called webphp:

kubectl create ns webphp

Step 4: Deploy a Demo Application

  1. Deploy a simple application using the httpd image: kubectl create deployment demo --image=httpd --port=80 -n webphp
  2. Expose the deployment as a service: kubectl expose deployment demo -n webphp
  3. Verify the deployment and service: kubectl get all -o wide -n webphp

Step 5: Create an Ingress Resource

  1. Create a file named ingressdemo.yaml with the following content: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: python-ingress namespace: webphp spec: ingressClassName: nginx rules: - host: "www.ccnapnh.fun" http: paths: - path: / pathType: Prefix backend: service: name: demo port: number: 80
  2. Apply the Ingress configuration: kubectl apply -f ingressdemo.yaml
  3. Check if the Ingress is created successfully: kubectl get ingress -n webphp

Step 6: Access the Application

  1. Update your DNS records for www.ccnapnh.fun:
    • Create an A record pointing to the public IP of your Kubernetes cluster (e.g., 18.162.52.233).
  2. Test the application using the curl command: curl -i <Cluster-Public-IP>:<NodePort> -H 'Host: www.ccnapnh.fun'

Step 7: Enable HTTPS with Let’s Encrypt

  1. Install certbot: sudo apt install letsencrypt
  2. Generate SSL certificates: sudo certbot certonly --standalone --agree-tos --preferred-challenges http -d www.ccnapnh.fun -v
  3. Verify the certificates: sudo ls /etc/letsencrypt/live/www.ccnapnh.fun/
  4. Create a Kubernetes Secret: kubectl create secret tls phpsecret \ --key /etc/letsencrypt/live/www.ccnapnh.fun/privkey.pem \ --cert /etc/letsencrypt/live/www.ccnapnh.fun/fullchain.pem \ -n webphp
  5. Confirm the secret: kubectl get secret -n webphp

Step 8: Update Ingress Resource for HTTPS

  1. Update the ingressdemo.yaml file to include TLS: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: python-ingress namespace: webphp spec: ingressClassName: nginx rules: - host: "www.ccnapnh.fun" http: paths: - path: / pathType: Prefix backend: service: name: demo port: number: 80 tls: - hosts: - www.ccnapnh.fun secretName: phpsecret
  2. Apply the updated Ingress configuration: kubectl apply -f ingressdemo.yaml

Step 9: Verify the Setup

  1. Test the HTTPS connection to your domain: curl -k https://www.ccnapnh.fun
  2. Visit your website in a browser:
    • Ensure the SSL certificate is applied correctly.

Step 10: Automate Certificate Renewal

  • Check the certbot.timer for automatic renewal: sudo systemctl status certbot.timer
  • If renewal fails, you can renew manually: sudo certbot renew

Let me know if you need help troubleshooting or further details for any of these steps!

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top