{"id":1478,"date":"2024-12-10T14:10:43","date_gmt":"2024-12-10T14:10:43","guid":{"rendered":"https:\/\/kb.lagonet.vn\/?p=1478"},"modified":"2024-12-10T14:10:43","modified_gmt":"2024-12-10T14:10:43","slug":"ingress","status":"publish","type":"post","link":"https:\/\/kb.lagonet.vn\/?p=1478","title":{"rendered":"INGRESS"},"content":{"rendered":"\n

Here is a detailed step-by-step guide based on the instructions you’ve provided:<\/p>\n\n\n\n

\n\n\n\n

Step 1: Install Helm<\/strong><\/h3>\n\n\n\n

Run the following command to install Helm on your system:<\/p>\n\n\n\n

curl -sSL https:\/\/raw.githubusercontent.com\/helm\/helm\/master\/scripts\/get-helm-3 | bash\n<\/code><\/pre>\n\n\n\n
\n\n\n\n
Step 2: Deploy NGINX Ingress Controller<\/strong><\/h3>\n\n\n\n
Use Helm to deploy the NGINX Ingress Controller:<\/p>\n\n\n\n
helm upgrade --install ingress-nginx ingress-nginx \\\n  --repo https:\/\/kubernetes.github.io\/ingress-nginx \\\n  --namespace ingress-nginx --create-namespace\n<\/code><\/pre>\n\n\n\n
    \n
  • This command installs the Ingress Controller into the namespace ingress-nginx<\/code>.<\/li>\n<\/ul>\n\n\n\n
    Verify the installation:<\/p>\n\n\n\n
    kubectl get all --namespace=ingress-nginx\n<\/code><\/pre>\n\n\n\n
    Check the service ingress-nginx-controller<\/code> to find the NodePort:<\/p>\n\n\n\n
    kubectl get svc --namespace=ingress-nginx\n<\/code><\/pre>\n\n\n\n
    Access the default “Not Found” page to confirm that the Ingress Controller is working:<\/p>\n\n\n\n
    http://<Public-IP>:<NodePort>\n<\/code><\/pre>\n\n\n\n
    \n\n\n\n
    Step 3: Create a Namespace for Your Application<\/strong><\/h3>\n\n\n\n
    Create a namespace called webphp<\/code>:<\/p>\n\n\n\n
    kubectl create ns webphp\n<\/code><\/pre>\n\n\n\n
    \n\n\n\n
    Step 4: Deploy a Demo Application<\/strong><\/h3>\n\n\n\n
      \n
    1. Deploy a simple application using the httpd<\/code> image: kubectl create deployment demo --image=httpd --port=80 -n webphp<\/code><\/li>\n\n\n\n
    2. Expose the deployment as a service: kubectl expose deployment demo -n webphp<\/code><\/li>\n\n\n\n
    3. Verify the deployment and service: kubectl get all -o wide -n webphp<\/code><\/li>\n<\/ol>\n\n\n\n
      \n\n\n\n
      Step 5: Create an Ingress Resource<\/strong><\/h3>\n\n\n\n
        \n
      1. Create a file named ingressdemo.yaml<\/code> with the following content: apiVersion: networking.k8s.io\/v1 kind: Ingress metadata: name: python-ingress namespace: webphp spec: ingressClassName: nginx rules: - host: \"www.ccnapnh.fun\" http: paths: - path: \/ pathType: Prefix backend: service: name: demo port: number: 80<\/code><\/li>\n\n\n\n
      2. Apply the Ingress configuration: kubectl apply -f ingressdemo.yaml<\/code><\/li>\n\n\n\n
      3. Check if the Ingress is created successfully: kubectl get ingress -n webphp<\/code><\/li>\n<\/ol>\n\n\n\n
        \n\n\n\n
        Step 6: Access the Application<\/strong><\/h3>\n\n\n\n
          \n
        1. Update your DNS records for www.ccnapnh.fun<\/code>:\n
            \n
          • Create an A<\/code> record pointing to the public IP of your Kubernetes cluster (e.g., 18.162.52.233<\/code>).<\/li>\n<\/ul>\n<\/li>\n\n\n\n
          • Test the application using the curl<\/code> command: curl -i <Cluster-Public-IP>:<NodePort> -H 'Host: www.ccnapnh.fun'<\/code><\/li>\n<\/ol>\n\n\n\n
            \n\n\n\n
            Step 7: Enable HTTPS with Let\u2019s Encrypt<\/strong><\/h3>\n\n\n\n
              \n
            1. Install certbot<\/code>: sudo apt install letsencrypt<\/code><\/li>\n\n\n\n
            2. Generate SSL certificates: sudo certbot certonly --standalone --agree-tos --preferred-challenges http -d www.ccnapnh.fun -v<\/code><\/li>\n\n\n\n
            3. Verify the certificates: sudo ls \/etc\/letsencrypt\/live\/www.ccnapnh.fun\/<\/code><\/li>\n\n\n\n
            4. Create a Kubernetes Secret: kubectl create secret tls phpsecret \\ --key \/etc\/letsencrypt\/live\/www.ccnapnh.fun\/privkey.pem \\ --cert \/etc\/letsencrypt\/live\/www.ccnapnh.fun\/fullchain.pem \\ -n webphp<\/code><\/li>\n\n\n\n
            5. Confirm the secret: kubectl get secret -n webphp<\/code><\/li>\n<\/ol>\n\n\n\n
              \n\n\n\n
              Step 8: Update Ingress Resource for HTTPS<\/strong><\/h3>\n\n\n\n
                \n
              1. Update the ingressdemo.yaml<\/code> file to include TLS: apiVersion: networking.k8s.io\/v1 kind: Ingress metadata: name: python-ingress namespace: webphp spec: ingressClassName: nginx rules: - host: \"www.ccnapnh.fun\" http: paths: - path: \/ pathType: Prefix backend: service: name: demo port: number: 80 tls: - hosts: - www.ccnapnh.fun secretName: phpsecret<\/code><\/li>\n\n\n\n
              2. Apply the updated Ingress configuration: kubectl apply -f ingressdemo.yaml<\/code><\/li>\n<\/ol>\n\n\n\n
                \n\n\n\n
                Step 9: Verify the Setup<\/strong><\/h3>\n\n\n\n
                  \n
                1. Test the HTTPS connection to your domain: curl -k https:\/\/www.ccnapnh.fun<\/code><\/li>\n\n\n\n
                2. Visit your website in a browser:\n
                    \n
                  • Ensure the SSL certificate is applied correctly.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n
                    \n\n\n\n
                    Step 10: Automate Certificate Renewal<\/strong><\/h3>\n\n\n\n
                      \n
                    • Check the certbot.timer<\/code> for automatic renewal: sudo systemctl status certbot.timer<\/code><\/li>\n\n\n\n
                    • If renewal fails, you can renew manually: sudo certbot renew<\/code><\/li>\n<\/ul>\n\n\n\n
                      \n\n\n\n
                      Let me know if you need help troubleshooting or further details for any of these steps!<\/p>\n","protected":false},"excerpt":{"rendered":"
                      Here is a detailed step-by-step guide based on the instructions you’ve provided: Step 1: Install Helm Run the following command […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[141,143],"tags":[],"class_list":["post-1478","post","type-post","status-publish","format-standard","hentry","category-devops","category-k8s"],"_links":{"self":[{"href":"https:\/\/kb.lagonet.vn\/index.php?rest_route=\/wp\/v2\/posts\/1478","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kb.lagonet.vn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kb.lagonet.vn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kb.lagonet.vn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kb.lagonet.vn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1478"}],"version-history":[{"count":1,"href":"https:\/\/kb.lagonet.vn\/index.php?rest_route=\/wp\/v2\/posts\/1478\/revisions"}],"predecessor-version":[{"id":1479,"href":"https:\/\/kb.lagonet.vn\/index.php?rest_route=\/wp\/v2\/posts\/1478\/revisions\/1479"}],"wp:attachment":[{"href":"https:\/\/kb.lagonet.vn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1478"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kb.lagonet.vn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1478"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kb.lagonet.vn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1478"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}