K8s/Ingress: Difference between revisions
Jump to navigation
Jump to search
Tag: Manual revert |
|||
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
==CoreDNS== | ==CoreDNS== | ||
{|class= | {|class='wikitable mw-collapsible' | ||
!scope='col' style='width:600px'| | !scope='col' style='width:600px'| | ||
'''Kube-System » ConfigMap » CoreDNS''' | '''Kube-System » ConfigMap » CoreDNS''' | ||
| Line 46: | Line 46: | ||
errors | errors | ||
cache 30 | cache 30 | ||
forward . | forward . 1.1.1.1 8.8.8.8 | ||
} | } | ||
chorke.org:53 { | chorke.org:53 { | ||
errors | errors | ||
cache 30 | cache 30 | ||
forward . | forward . 1.1.1.1 8.8.8.8 | ||
} | } | ||
shahed.biz:53 { | shahed.biz:53 { | ||
errors | errors | ||
cache 30 | cache 30 | ||
forward . | forward . 1.1.1.1 8.8.8.8 | ||
} | } | ||
group.local:53 { | group.local:53 { | ||
| Line 99: | Line 99: | ||
} | } | ||
YML | YML | ||
kubectl -n kube-system rollout restart deploy/coredns | |||
</syntaxhighlight> | </syntaxhighlight> | ||
|} | |} | ||
| Line 143: | Line 145: | ||
kind: Service | kind: Service | ||
metadata: | metadata: | ||
name: | name: host | ||
namespace: internal | namespace: internal | ||
labels: | labels: | ||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | app.kubernetes.io/version: 1.0.0 | ||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | app.kubernetes.io/managed-by: kubectl | ||
spec: | spec: | ||
type: ExternalName | type: ExternalName | ||
| Line 211: | Line 213: | ||
namespace: internal | namespace: internal | ||
labels: | labels: | ||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | app.kubernetes.io/version: 1.0.0 | ||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | app.kubernetes.io/managed-by: kubectl | ||
spec: | spec: | ||
ingressClassName: nginx | ingressClassName: nginx | ||
| Line 225: | Line 227: | ||
backend: | backend: | ||
service: | service: | ||
name: | name: host | ||
port: | port: | ||
number: 80 | number: 80 | ||
| Line 242: | Line 244: | ||
namespace: internal | namespace: internal | ||
labels: | labels: | ||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | app.kubernetes.io/version: 1.0.0 | ||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | app.kubernetes.io/managed-by: kubectl | ||
spec: | spec: | ||
ingressClassName: nginx | ingressClassName: nginx | ||
| Line 256: | Line 258: | ||
backend: | backend: | ||
service: | service: | ||
name: | name: host | ||
port: | port: | ||
number: 2013 | number: 2013 | ||
| Line 273: | Line 275: | ||
namespace: internal | namespace: internal | ||
labels: | labels: | ||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | app.kubernetes.io/version: 1.0.0 | ||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | app.kubernetes.io/managed-by: kubectl | ||
spec: | spec: | ||
ingressClassName: nginx | ingressClassName: nginx | ||
| Line 287: | Line 289: | ||
backend: | backend: | ||
service: | service: | ||
name: | name: host | ||
port: | port: | ||
number: 2015 | number: 2015 | ||
| Line 308: | Line 310: | ||
namespace: internal | namespace: internal | ||
labels: | labels: | ||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | app.kubernetes.io/version: 1.0.0 | ||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | app.kubernetes.io/managed-by: kubectl | ||
spec: | spec: | ||
ingressClassName: nginx | ingressClassName: nginx | ||
| Line 322: | Line 324: | ||
backend: | backend: | ||
service: | service: | ||
name: | name: host | ||
port: | port: | ||
number: 1080 | number: 1080 | ||
| Line 339: | Line 341: | ||
namespace: internal | namespace: internal | ||
labels: | labels: | ||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | app.kubernetes.io/version: 1.0.0 | ||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | app.kubernetes.io/managed-by: kubectl | ||
annotations: | annotations: | ||
nginx.ingress.kubernetes.io/proxy-body-size: '0' | nginx.ingress.kubernetes.io/proxy-body-size: '0' | ||
| Line 355: | Line 357: | ||
backend: | backend: | ||
service: | service: | ||
name: | name: host | ||
port: | port: | ||
number: 9801 | number: 9801 | ||
| Line 365: | Line 367: | ||
backend: | backend: | ||
service: | service: | ||
name: | name: host | ||
port: | port: | ||
number: 9800 | number: 9800 | ||
| Line 473: | Line 475: | ||
app.kubernetes.io/name: ingress-nginx | app.kubernetes.io/name: ingress-nginx | ||
data: | data: | ||
1194: "internal/ | 1194: "internal/host:1194" | ||
53: "kube-system/kube-dns:53" | 53: "kube-system/kube-dns:53" | ||
YML | YML | ||
| Line 717: | Line 719: | ||
* [[K8s/Nginx/Ingress|K8s » Nginx » Ingress]] | * [[K8s/Nginx/Ingress|K8s » Nginx » Ingress]] | ||
* [[K8s/Storage|K8s » Storage]] | * [[K8s/Storage|K8s » Storage]] | ||
* [[K8s/Secret|K8s » Secret]] | |||
|- | |- | ||
Latest revision as of 13:30, 24 July 2025
CoreDNS
|
Kube-System » ConfigMap » CoreDNS |
|---|
cat <<'YML'|kubectl apply -n kube-system -f -
---
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system
data:
Corefile: |
.:53 {
log
errors
health {
lameduck 5s
}
ready
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
ttl 30
}
prometheus :9153
hosts {
192.168.49.1 host.minikube.internal
fallthrough
}
forward . /etc/resolv.conf {
max_concurrent 1000
}
cache 30 {
disable success cluster.local
disable denial cluster.local
}
loop
reload
loadbalance
}
chorke.com:53 {
errors
cache 30
forward . 1.1.1.1 8.8.8.8
}
chorke.org:53 {
errors
cache 30
forward . 1.1.1.1 8.8.8.8
}
shahed.biz:53 {
errors
cache 30
forward . 1.1.1.1 8.8.8.8
}
group.local:53 {
errors
cache 30
forward . 192.168.49.2
}
biz.local:53 {
errors
cache 30
forward . 192.168.49.2
}
com.local:53 {
errors
cache 30
forward . 192.168.49.2
}
k8s.local:53 {
errors
cache 30
forward . 192.168.49.2
}
org.local:53 {
errors
cache 30
forward . 192.168.49.2
}
bd.local:53 {
errors
cache 30
forward . 192.168.49.2
}
io.local:53 {
errors
cache 30
forward . 192.168.49.2
}
my.local:53 {
errors
cache 30
forward . 192.168.49.2
}
YML
kubectl -n kube-system rollout restart deploy/coredns
|
External
kubectl get ns|grep external
kubectl delete namespace external
kubectl create namespace external
Internal
kubectl get ns|grep internal
kubectl delete namespace internal
kubectl create namespace internal
|
kubectl get ns|grep academia
kubectl delete namespace academia
kubectl create namespace academia
|
kubectl get ns|grep agronomy
kubectl delete namespace agronomy
kubectl create namespace agronomy
|
|
| ||
cat << YML|kubectl apply -n internal -f -
---
apiVersion: v1
kind: Service
metadata:
name: host
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
type: ExternalName
externalName: host.minikube.internal
YML
|
cat << YML|kubectl apply -n academia -f -
---
apiVersion: v1
kind: Service
metadata:
name: academia
namespace: academia
labels:
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/name: academia
app.kubernetes.io/instance: academia
app.kubernetes.io/managed-by: kubectl
spec:
type: ExternalName
externalName: host.minikube.internal
YML
|
cat << YML|kubectl apply -n agronomy -f -
---
apiVersion: v1
kind: Service
metadata:
name: agronomy
namespace: agronomy
labels:
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/name: agronomy
app.kubernetes.io/instance: agronomy
app.kubernetes.io/managed-by: kubectl
spec:
type: ExternalName
externalName: host.minikube.internal
YML
|
|
| ||
Internal » HAProxycat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: haproxy
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: "host.k8s.local"
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
|
Internal » Apachecat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: apache
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: "apache.host.k8s.local"
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 2013
YML
|
Internal » Nginxcat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: "nginx.host.k8s.local"
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 2015
YML
|
|
| ||
Internal » GitLabcat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: gitlab
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: "gitlab.host.k8s.local"
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 1080
YML
|
Internal » MinIOcat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: minio
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: '0'
spec:
ingressClassName: nginx
rules:
- host: "minio.host.k8s.local"
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 9801
- host: "s3.host.k8s.local"
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 9800
YML
|
Agronomy » Portalcat << YML | kubectl apply -n agronomy -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: agronomy
namespace: agronomy
labels:
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/name: agronomy
app.kubernetes.io/instance: agronomy
app.kubernetes.io/managed-by: kubectl
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: '0'
spec:
ingressClassName: nginx
rules:
- host: "agronomy.chorke.local"
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: agronomy
port:
number: 3000
- path: /services/flair/
pathType: ImplementationSpecific
backend:
service:
name: agronomy
port:
number: 9004
- path: /services/quote/
pathType: ImplementationSpecific
backend:
service:
name: agronomy
port:
number: 9003
- path: /services/audit/
pathType: ImplementationSpecific
backend:
service:
name: agronomy
port:
number: 9002
- path: /services/users/
pathType: ImplementationSpecific
backend:
service:
name: agronomy
port:
number: 9000
YML
|
Ingress » Nginx
ConfigMap » tcp-servicescat << YML | kubectl apply -n ingress-nginx -f -
---
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
data:
5432: "postgresql/postgresql:5432"
6379: "redis/redis-headless:6379"
YML
|
ConfigMap » udp-servicescat << YML | kubectl apply -n ingress-nginx -f -
---
apiVersion: v1
kind: ConfigMap
metadata:
name: udp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
data:
1194: "internal/host:1194"
53: "kube-system/kube-dns:53"
YML
|
|
| |
Service » ingress-nginxcat << YML | kubectl apply -n ingress-nginx -f -
---
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
type: LoadBalancer
ports:
- name: http
port: 80
targetPort: 80
protocol: TCP
- name: https
port: 443
targetPort: 443
protocol: TCP
- name: proxied-tcp-5432
port: 5432
targetPort: 5432
protocol: TCP
- name: proxied-tcp-6379
port: 6379
targetPort: 6379
protocol: TCP
- name: proxied-udp-1194
port: 1194
targetPort: 1194
protocol: UDP
- name: proxied-udp-53
port: 53
targetPort: 53
protocol: UDP
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
YML
| |
|
| |
kubectl -n ingress-nginx rollout restart deploy/ingress-nginx-controller
kubectl -n ingress-nginx rollout history deploy/ingress-nginx-controller
kubectl -n ingress-nginx rollout status deploy/ingress-nginx-controller
| |
Ingress » Dashboard
cat << ENV | kubectl -n=kubernetes-dashboard create secret generic kubernetes-dashboard-auth --from-file=auth=/dev/stdin
$(htpasswd -nbB shahed 'sadaqah!')
$(htpasswd -nbB chorke 'sadaqah!')
ENV
|
|
|
cat << YML | kubectl -n kubernetes-dashboard apply -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: kubernetes-dashboard
namespace: kubernetes-dashboard
labels:
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/managed-by: kubectl
app.kubernetes.io/name: kubernetes-dashboard
app.kubernetes.io/instance: kubernetes-dashboard
annotations:
nginx.ingress.kubernetes.io/auth-type: basic
nginx.ingress.kubernetes.io/auth-realm: Authentication Required
nginx.ingress.kubernetes.io/auth-secret: kubernetes-dashboard-auth
spec:
ingressClassName: nginx
rules:
- host: www.k8s.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 80
YML
|
Minikube » Tunnel
# check minikube user either exists or not
cat /etc/passwd|grep minikube
sudo usermod -aG sudo minikube
|
# minikube no-password sudo access add to EOL
sudo visudo
minikube ALL=(ALL) NOPASSWD: ALL
|
# login to minikube user and start tunneling
sudo -i -u minikube
minikube tunnel
|
Playground
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat template/nginx.tmpl
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat /etc/resolv.conf
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat nginx.conf
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- cat /etc/hosts
| ||
|
| ||
kubectl -n external get endpoints
kubectl -n external get service
kubectl -n external get ingress
|
kubectl -n internal get endpoints
kubectl -n internal get service
kubectl -n internal get ingress
|
kubectl config get-contexts
sudo -i -u minikube
helm list -A
|
|
| ||
kubectl get all -A
kubectl get ns
|
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -c controller -- bash
kubectl -n ingress-nginx exec -it svc/ingress-nginx-controller -- bash
| |
|
| ||
sudo vim /etc/apache2/sites-enabled/000-default.conf sudo vim /etc/apache2/ports.conf sudo apachectl -t |
sudo systemctl restart apache2.service sudo systemctl reload apache2.service systemctl status apache2.service |
|