-
Notifications
You must be signed in to change notification settings - Fork 8
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge "create ingress for advanced-kubernetes"
- Loading branch information
Showing
4 changed files
with
177 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
--- | ||
title: Overview | ||
order: 1 | ||
duration: 10 | ||
--- | ||
|
||
--- | ||
This tutorial will show you how to use Kubernetes on the ARDC Nectar Research Cloud. You will | ||
learn the minimum application requirements for a Kubernetes cluster on Nectar. | ||
|
||
### What you'll learn | ||
|
||
- Build a sample website infrastructure | ||
- Deploy Ingress-Nginx using Helm | ||
- Deploy cert-manager using Helm | ||
- Deploy sealed-secrets using Helm | ||
|
||
### What you'll need, a working Kubernetes cluster and Helm application. | ||
|
||
- A Kubernetes cluster set up using Magnum. See [Kubernetes]({{ site.baseurl }}/kubernetes/01-overview) on | ||
how to set up a Kubernetes Cluster on Nectar Cloud. | ||
|
||
- [helm](https://helm.sh/docs/intro/install/) | ||
|
||
|
||
|
||
**kubectl version skew policy** | ||
kubectl is officially supported within one minor version (older or newer) | ||
of kube-apiserver. If your cluster is running 1.28.7 you should use a kubectl | ||
between 1.27 and 1.29. See the k8s version skew policy [here.](https://kubernetes.io/releases/version-skew-policy/). | ||
{: .callout-warning} | ||
|
||
## Magnum | ||
|
||
Magnum is the project for the Container Orchestration Engine (COE) Service in | ||
OpenStack. In the Nectar context, the only COE framework that is tested and | ||
supported is Kubernetes, so this tutorial will only cover topics that are | ||
related to Kubernetes. | ||
|
||
|
||
## Kubernetes Tutorial | ||
|
||
Kubernetes has an extensive [documentation | ||
site](https://kubernetes.io/docs/concepts/), which covers many of the | ||
concepts that we will be covering, often in greater depth than we do here. | ||
|
||
The purpose of this tutorial is not to replace Kubernetes documention. | ||
Rather we aim to show you how to integrate some advanced features on a Kubernetes cluster on | ||
the Nectar Research Cloud. | ||
|
||
This tutorial uses Linux command-line tools rather than the "Project > Container Infra" dashboard panels. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,95 @@ | ||
--- | ||
title: Creating an Ingress with availability zone set | ||
order: 2 | ||
duration: 10 | ||
--- | ||
|
||
In this section, we will deploy an [Igress-Nginx controller](https://kubernetes.io/docs/concepts/services-networking/ingress/) | ||
using helm. | ||
|
||
1. To have the loadbalancer launched in a specific Nectar availability zone, we need to create an ingress-nginx values.yaml file with specified Nectar | ||
availability zone annotation. The example below shows how to deploy the ingress-nginx loadbalancer in AZ monash-02. | ||
|
||
``` | ||
controller: | ||
Service: | ||
annotations: | ||
loadbalancer.openstack.org/availability-zone: monash-02 | ||
``` | ||
|
||
2. Add Ingress-Nginx helm repo and run helm repo update | ||
|
||
``` | ||
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx | ||
helm repo update | ||
``` | ||
|
||
3. Install Ingress-Nginx using helm with values.yaml file created in step 1 | ||
|
||
``` | ||
helm install ingress-nginx -f values.yaml ingress-nginx/ingress-nginx --namespace ingress-nginx --create-namespace | ||
Release "ingress-nginx" has been upgraded. Happy Helming! | ||
NAME: ingress-nginx | ||
LAST DEPLOYED: Wed Apr 24 01:16:40 2024 | ||
… a few more lines of output … | ||
If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided: | ||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: example-tls | ||
namespace: foo | ||
data: | ||
tls.crt: <base64 encoded cert> | ||
tls.key: <base64 encoded key> | ||
type: kubernetes.io/tls | ||
... | ||
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE | ||
service/ingress-nginx-controller LoadBalancer 10.254.167.36 130.194.251.159 80:32306/TCP,443:32266/TCP 2m58s | ||
service/ingress-nginx-controller-admission ClusterIP 10.254.37.77 <none> 443/TCP 2m58s | ||
NAME READY UP-TO-DATE AVAILABLE AGE | ||
deployment.apps/ingress-nginx-controller 1/1 1 1 2m58s | ||
... | ||
job.batch/ingress-nginx-admission-patch 1/1 59s 2m58s | ||
``` | ||
|
||
4. Verify whether Ingress-Nginx ingress controller is successfully deployed by checking if `ingress-nginx` namespace is created | ||
and `EXTERNAL-IP` of `service/ingress-nginx-controller` is populated. | ||
|
||
``` | ||
kubectl get ns | ||
NAME STATUS AGE | ||
default Active 3d14h | ||
ingress-nginx Active 4m29s | ||
kube-node-lease Active 3d14h | ||
kube-public Active 3d14h | ||
kube-system Active 3d14h | ||
``` | ||
|
||
``` | ||
kubectl get all -n ingress-nginx | ||
NAME READY STATUS RESTARTS AGE | ||
pod/ingress-nginx-controller-7854678f64-7bfdk 1/1 Running 0 21h | ||
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE | ||
service/ingress-nginx-controller LoadBalancer 10.254.251.41 130.194.250.107 80:30502/TCP,443:31959/TCP 21h | ||
service/ingress-nginx-controller-admission ClusterIP 10.254.75.111 <none> 443/TCP 21h | ||
NAME READY UP-TO-DATE AVAILABLE AGE | ||
deployment.apps/ingress-nginx-controller 1/1 1 1 21h | ||
NAME DESIRED CURRENT READY AGE | ||
replicaset.apps/ingress-nginx-controller-7854678f64 1 1 1 21h | ||
``` | ||
|
||
## More information | ||
|
||
For more information, refer to: | ||
|
||
- [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
--- | ||
layout: none | ||
--- | ||
{%- include collection.html -%} | ||
{%- assign first_page = site[collection.label] | where_exp: "item", "item.order != null" | sort: "order" | first -%} | ||
<!DOCTYPE html> | ||
<html lang="en-US"> | ||
<meta charset="utf-8"> | ||
<title>Redirecting…</title> | ||
<link rel="canonical" href="{{ first_page.url | prepend: site.baseurl }}"> | ||
<script>location="{{ first_page.url | prepend: site.baseurl }}"</script> | ||
<meta http-equiv="refresh" content="0; url="{{ first_page.url | prepend: site.baseurl }}"> | ||
<meta name="robots" content="noindex"> | ||
<h1>Redirecting…</h1> | ||
<a href="{{ first_page.url | prepend: site.baseurl }}">Click here if you are not redirected.</a> | ||
</html> |