Cluster Setup – Secure Ingress

title: “Cluster Setup – Secure Ingress”
date: 2020-12-08T21:56:20
slug: cluster-setup-secure-ingress

Install nginx Ingress:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/cloud/deploy.yaml

Create an Ingress:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
 name: secure-ingress
 annotations:
 nginx.ingress.kubernetes.io/rewrite-target: /
spec:
 rules:
 - http:
 paths:
 - path: /service1
 pathType: Prefix
 backend:
 service:
 name: service1
 port:
 number: 80
 - path: /service2
 pathType: Prefix
 backend:
 service:
 name: service2
 port:
 number: 80

Expose two pods:

k expose pod pod1 --port 80 --name service1
k expose pod pod2 --port 80 --name service2

Create Certificate:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes

Create Secret from Certificate:

k create secret tls secure-ingress --cert=cert.pem --key=key.pem

Add TLS to ingress

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
 name: secure-ingress
 annotations:
 nginx.ingress.kubernetes.io/rewrite-target: /
spec:
 tls:
 - hosts:
 - https-example.foo.com
 secretName: secure-ingress
 rules:
 - http:
 paths:
 - path: /service1
 pathType: Prefix
 backend:
 service:
 name: service1
 port:
 number: 80
 - path: /service2
 pathType: Prefix
 backend:
 service:
 name: service2
 port:
 number: 80
Print Friendly, PDF & Email