This is a part of the series of posts on Getting an API running in Kubernetes. For this to make sense you should have worked through a few of the earlier examples
I recommend that you save your commands in various scripts so you can repeat them or modify them later. In this article - we're doing this. IngressThis is the last step to getting your app out there. For my example, I'm using one of my exitsing domains, but lets pretend its called awesome.com. The objective is to be able to do a /GET from the browser - as in https://demo.awesome.com/?data=helloworld or a /GET or a CORS /POST from a javaScript app with the message in the body. https://demo.awesome.com/ The yaml file for the ingress looks like this - I've added another service that doesn't exist so you can see how to do that if you need to eventually. In particulat, look at the red items - we'll cover those in a moment. make-ingress.yaml apiVersion: extensions/v1beta1 kind: Ingress metadata: name: playback-ingress annotations: kubernetes.io/ingress.class: nginx kubernetes.io/tls-acme: 'true' spec: rules: - host: demo.awesome.com http: paths: - path: / backend: serviceName: playback-service servicePort: 80 - host: somewhere-else.awesome.com http: paths: - path: / backend: serviceName: someother-service servicePort: 4000 tls: - secretName: playback-tls-cert hosts: - demo.awesome.com - somewhere-else.awesome.com and you can apply it make-ingress.sh kubectl apply -f make-ingress.yaml gives this kubectl get ingress NAME HOSTS ADDRESS PORTS AGE playback-ingress demo.awesome.com,somewhere-else.awesome.com 130.211.214.218 80, 443 1d TestOver in the browser AnnotationsThe .yaml file contains 2 annotations (annotations were covered in Getting an ssl certificate for Kubernetes ingress). annotations: kubernetes.io/ingress.class: nginx kubernetes.io/tls-acme: 'true'
RulesThis rule says that when a request for the demo.awesome.com/ comes in, route it to the playback-service, which will be listening on port 80. - host: demo.awesome.com http: paths: - path: / backend: serviceName: playback-service servicePort: 80 TlsThe tls section is used by kube-lego to decide which domains need ssl certificates, and the secretName is where to store them. tls: - secretName: playback-tls-cert hosts: - demo.awesome.com - somewhere-else.awesome.com kubectl get secret NAME TYPE DATA AGE playback-tls-cert kubernetes.io/tls 2 1d Next stepWe're done - thanks for sticking with me the whole way. See Getting an API running in Kubernetes for a recap
|
Services > Desktop Liberation - the definitive resource for Google Apps Script and Microsoft Office automation > Google cloud platform > Getting an API running in Kubernetes >