LearnITGuide.net

This post will show you how to create and use our own SSL / TLS Certificate for our applications on kubernetes ingress controller. So that our users will be able to access our application over https.

You must have running applications on kubernetes cluster with ingress controller.

If you are new to kubernetes and want to learn about kubernetes from basics, Refer the below links and also you can checkout all tutorial videos for free on YouTube and do subscribe for more free videos.

What is Kubernetes - Learn Kubernetes from Basics
How to Install Kubernetes on Linux (RedHat / CentOS)
How to Install Kubernetes On Ubuntu 16.04 LTS
How to Create Kubernetes Deployment, Services & Pods Using Kubectl
How to Create Kubernetes YAML for Deployment, Service & Pods
Kubernetes Volumes Explained with Examples
Kubernetes Persistent Volumes and Claims Explained


Lets get started.

Create a Self Signed Certificate:
lets say i want to create a certificate for the domain knote.learnitguide.com.
Use openssl command to create a Self Signed SSL / TLS Certificate.

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -out knote-ingress-tls.crt -keyout knote-ingress-tls.key -subj "/CN=knote.learnitguide.com/O=knote-ingress-tls"

Our self signed certificate is created under the local directory.

Create a Secret:
Use kubectl create secret command to create the secret.

kubectl create secret tls knote-ingress-tls --namespace default --key knote-ingress-tls.key --cert knote-ingress-tls.crt

You can use kubectl get secret command to list out the existing secrets.

kubectl get secret

Make sure the secret we have created is available.
[ads-post]
Edit your ingress rule to specify the certificate:
Add a section for tls under spec. Define the list of host which al are going to use this particular certificate. Finally the specify the secretname with secretName option.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: example-ingress
  annotations:
    ingress.kubernetes.io/rewrite-target: /
spec:
 tls:  - hosts:     - knote.learnitguide.com    secretName: knote-ingress-tls rules:
- host: knote.learnitguide.com
    http:
      paths:
      - backend:
          serviceName: knote
          servicePort: 80

This is how we have to use the certificate for our applications.

Save and exit the ingress file. Apply the changes

kubectl apply -f ingressfile.yaml

Hope you have got an idea how to create and use our own SSL / TLS Certificate for our ingress controller.

Also refer below related articles and checkout all tutorial videos for free on youtube.

What is Kubernetes - Learn Kubernetes from Basics
How to Install Kubernetes on Linux (RedHat / CentOS)
How to Install Kubernetes On Ubuntu 16.04 LTS
How to Create Kubernetes Deployment, Services & Pods Using Kubectl
How to Create Kubernetes YAML for Deployment, Service & Pods
Kubernetes Volumes Explained with Examples
Kubernetes Persistent Volumes and Claims Explained

Keep practicing and have fun. Leave your comments if any.
Support Us: Share with your friends and groups.

Stay connected with us on social networking sites, Thank you.
YouTube | Facebook | Twitter | Pinterest | Rss
Incoming searches: kubernetes ingress, kubernetes, kubernetes tutorial, kubernetes ingress controller, kubernetes ingress tls, kubectl create secret tls, setup ssl tls certificate on ingress, ingress with tls, setup ingress with tls, ssl certificate kubernetes, ssl cert kubernetes, nginx ssl certificate kubernetes, add ssl certificate to kubernetes, create self signed certificate kubernetes, kubernetes create ssl certificate, use tls certificate for ingress, https with self signed certificate, k8s

There are many projects that supports for ingress controllers like Nginx, Haproxy, Ambassador, Contour, Citrix, Gloo, Istio, Traefik, AWS, GCE, etc,. This post will show you how to setup haproxy ingress controller on kubernetes cluster with step by step procedure. In the previous post, we explained about kubernetes ingress and how to setup nginx ingress controller.

If you are new to kubernetes and want to learn about kubernetes from basics, Refer the below links and also you can checkout all tutorial videos for free on YouTube and do subscribe for more free videos.

What is Kubernetes - Learn Kubernetes from Basics
How to Install Kubernetes on Linux (RedHat / CentOS)
How to Install Kubernetes On Ubuntu 16.04 LTS
How to Create Kubernetes Deployment, Services & Pods Using Kubectl
How to Create Kubernetes YAML for Deployment, Service & Pods
Kubernetes Volumes Explained with Examples
Kubernetes Persistent Volumes and Claims Explained


Lets get started.

Clone Haproxy Ingress Github Repository:

git clone https://github.com/haproxytech/kubernetes-ingress.git

Deploy the Controller:

kubectl apply -f kubernetes-ingress/deploy/haproxy-ingress.yaml

Verify the namespace, pods and services running for ingress controller:

kubectl get ns

You must have new namespace created for ingress ie haproxy-controller.
[ads-post]

kubectl -n haproxy-controller get pods -o wide

All pods should be running. Also verify the service type.

kubectl -n haproxy-controller get svc

By default, haproxy uses nodeport service type, if you want to change it to LoadBalancer type, edit the deployment file "haproxy-ingress.yaml", change the service type and reapply it.
Once the ingress controller is configured, you can start creating ingress rules for your applications.


Hope you have got an idea how to setup haproxy ingress controller.

Also refer below related articles and checkout all tutorial videos for free on youtube.

What is Kubernetes - Learn Kubernetes from Basics
How to Install Kubernetes on Linux (RedHat / CentOS)
How to Install Kubernetes On Ubuntu 16.04 LTS
How to Create Kubernetes Deployment, Services & Pods Using Kubectl
How to Create Kubernetes YAML for Deployment, Service & Pods
Kubernetes Volumes Explained with Examples
Kubernetes Persistent Volumes and Claims Explained

Keep practicing and have fun. Leave your comments if any.
Support Us: Share with your friends and groups.

Stay connected with us on social networking sites, Thank you.
YouTube | Facebook | Twitter | Pinterest | Rss
Incoming searches: Setup HaProxy Ingress Controller, Kubernetes Ingress, Kubernetes Tutorial, kubernetes ingress tutorial, kubernetes haproxy ingress tutorial, kubernetes ingress haproxy examples, HaProxy Ingress kubernetes, HaProxy Ingress controller, HaProxy Ingress ingress controller kubernetes, how to install haproxy ingress controller, haproxy ingress setup, configure haproxy ingress, kubernetes ingress examples, kubernetes ingress controller, ingress kubernetes haproxy, kubernetes, k8s, haproxy

This post will explain you about Kubernetes Ingress. This post covers below topics,

1. What is Kubernetes Ingress?
2. How Kubernetes Ingress is different from Kubernetes Services (Difference of Kubernetes Ingress vs Kubernetes Services) with architecture?
3. How to create ingress rules with Sample examples
4. What is kubernetes ingress controller?
5. Project that supports Kubernetes Ingress Controller?
6. How to setup kubernetes nginx ingress controller?

If you are new to kubernetes and want to learn about kubernetes from basics, Refer the below links and also you can checkout all tutorial videos for free on YouTube and do subscribe for more free videos.

What is Kubernetes - Learn Kubernetes from Basics
How to Install Kubernetes on Linux (RedHat / CentOS)
How to Install Kubernetes On Ubuntu 16.04 LTS
How to Create Kubernetes Deployment, Services & Pods Using Kubectl
How to Create Kubernetes YAML for Deployment, Service & Pods
Kubernetes Volumes Explained with Examples
Kubernetes Persistent Volumes and Claims Explained


Lets get started.

What is Kubernetes Ingress?
Kubernetes ingress is also a Kubernetes resource that allows access to your Kubernetes services from outside the Kubernetes cluster. Which means that routes traffic using collection of rules where we define which inbound connections should reach to which target services.

How Kubernetes Ingress is different from Kubernetes Services?
Kubernetes services also helps us to access our applications from outside the cluster. But ingress do a lot more than kubernetes services. Because, its a single resource that help us for loadbalancing, name based virtualhosting, ssl termination and more.

Lets take an example to understand kubernetes ingress vs kubernetes service.

Example Kubernetes Architecture without Ingress Controller:

Above example architecture shows that some applications running within a cluster and if we want to access it from outside the cluster, what would you do, you will create a service either nodeport or loadbalancer to expose the application. Here we used loadbalancer for each application. And also you must add these into dns for name resolution with A record. If you have multiple domains with multiple dns records for all applications, then, You will have multiple entrypoint to your kubernetes cluster to access your application hosted within it.
[ads-post]
How about if I have single entrypoint for all my application that forwards the traffic to the respective services as like  a regular proxy servers in a kubernetes cluster as shown in the below architecture with ingress controller.
So you dont need to expose all your application outside the cluster using nodeport or loadbalancer service type, instead just change all your application services to clusterip and keep your application safe within the cluster like private applications.

Then create a ingress controller that will be facing the external network, ingress controller is nothing but its a pod only that should be created to route the traffic and just define the rules in ingress resource.

Now you will expose only your ingress controller to outside the cluster using nodeport or loadbalancer. Edit your DNS and modify all the domain names to point our ingress controller.

At this point, we will have single entrypoint to all our applications.

If you access any of the application through url obviously traffic will be redirected to the ingress controller. There you will have ingress rules that controls the routing traffic, so Based on the domain and url pages you access,  traffic will be forwarded to target service.
How the ingress rules will be created?
It is also a kubernetes resources, so just create a file with ingress kind, it should be like this.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: demo-ingress
spec:
 rules:
- host: sales.learnitguide.net
    http:
      paths:
      - backend:
          serviceName: Sales-svc
          servicePort: 80
  - host: purchase.learnitguide.net
    http:
      paths:
      - backend:
          serviceName: Purchase-svc
          servicePort: 80
  - host: examples.site1.com
    http:
      paths:
      - backend:
          serviceName: Examples-svc
          servicePort: 80

Best part of this kubernetes ingress is that support virtualhosting. Which means you can host multiple domains in a single cluster even with different urls. Instead of having single ip address for each domain, you can have multiple domain can point to single target.

Also it supports both http port 80 and https 443.

Also controlling the traffic to the cluster can be easily managed through the ingress rules itself.

All of this rules can be done once you have setup your kubernetes ingress controller.
But without setting up ingress controller in the kubernetes cluster, ingress rules will not work.

There are many projects support kubernetes  ingress controller, some are nginx, haproxy, istio, traefix, and on public clouds, we have google cloud, amazon azure and many more.

Its upto us to choose which controller are we going to use in our cluster. I will setup my kubernetes ingress controller using nginx project.

Setting up Nginx Ingress Controller:
Clone the nginx project from github repository:

git clone https://github.com/kubernetes/ingress-nginx.git

Deploy the Ingress Controller:

kubectl apply -f ingress-nginx/deploy/static/provider/aws/deploy.yaml

This deployment is for aws environment, if you have any other environment (aws, baremetal, cloud, do, kind), replace 'aws' with your provider.

Verify the namespace and pods running for ingress controller:

kubectl get ns

You must have namespace created for ingress controller "ingress-nginx".

kubectl -n ingress-nginx get pods -o wide

Make sure all pods running within this namespace ingress-nginx. Also check the service type for this ingress should be either LoadBalancer or NodePort.

kubectl -n ingress-nginx get svc