mirror/ typhoon
1
0
Fork 0
mirror of https://github.com/poseidon/typhoon synced 2024-05-09 00:56:11 +02:00
Code Issues
typhoon/addons/ingress/index.html
2022-07-27 16:54:22 -07:00

1430 lines
46 KiB
HTML
Raw Blame History

<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="A minimal and free Kubernetes distribution">
<meta name="author" content="Dalton Hubble">
<link rel="icon" href="../../img/favicon.ico">
<meta name="generator" content="mkdocs-1.3.0, mkdocs-material-8.3.6">
<title>Nginx Ingress - Typhoon</title>
<link rel="stylesheet" href="../../assets/stylesheets/main.4a0965b7.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.cbb835fc.min.css">
<meta name="theme-color" content="#2094f3">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Slab:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto Slab";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("../..",location),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:site" content="@typhoon8s">
<meta name="twitter:creator" content="@dghubble">
<meta name="twitter:title" content="Minimal and free Kubernetes clusters">
<meta name="twitter:description" content="Kubernetes clusters for AWS, Azure, bare-metal, Google Cloud, and DigitalOcean">
<meta name="twitter:image" content="https://storage.googleapis.com/poseidon/typhoon-twitter-card.png">
</head>
<body dir="ltr" data-md-color-scheme="" data-md-color-primary="blue" data-md-color-accent="pink">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#nginx-ingress-controller" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<header class="md-header" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../.." title="Typhoon" class="md-header__button md-logo" aria-label="Typhoon" data-md-component="logo">
<img src="../../img/spin.png" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
Typhoon
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Nginx Ingress
</span>
</div>
</div>
</div>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://github.com/poseidon/typhoon" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 480 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M186.1 328.7c0 20.9-10.9 55.1-36.7 55.1s-36.7-34.2-36.7-55.1 10.9-55.1 36.7-55.1 36.7 34.2 36.7 55.1zM480 278.2c0 31.9-3.2 65.7-17.5 95-37.9 76.6-142.1 74.8-216.7 74.8-75.8 0-186.2 2.7-225.6-74.8-14.6-29-20.2-63.1-20.2-95 0-41.9 13.9-81.5 41.5-113.6-5.2-15.8-7.7-32.4-7.7-48.8 0-21.5 4.9-32.3 14.6-51.8 45.3 0 74.3 9 108.8 36 29-6.9 58.8-10 88.7-10 27 0 54.2 2.9 80.4 9.2 34-26.7 63-35.2 107.8-35.2 9.8 19.5 14.6 30.3 14.6 51.8 0 16.4-2.6 32.7-7.7 48.2 27.5 32.4 39 72.3 39 114.2zm-64.3 50.5c0-43.9-26.7-82.6-73.5-82.6-18.9 0-37 3.4-56 6-14.9 2.3-29.8 3.2-45.1 3.2-15.2 0-30.1-.9-45.1-3.2-18.7-2.6-37-6-56-6-46.8 0-73.5 38.7-73.5 82.6 0 87.8 80.4 101.3 150.4 101.3h48.2c70.3 0 150.6-13.4 150.6-101.3zm-82.6-55.1c-25.8 0-36.7 34.2-36.7 55.1s10.9 55.1 36.7 55.1 36.7-34.2 36.7-55.1-10.9-55.1-36.7-55.1z"/></svg>
</div>
<div class="md-source__repository">
poseidon/typhoon
</div>
</a>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
<div class="md-tabs__inner md-grid">
<ul class="md-tabs__list">
<li class="md-tabs__item">
<a href="../.." class="md-tabs__link">
Home
</a>
</li>
<li class="md-tabs__item">
<a href="../../announce/" class="md-tabs__link">
Announce
</a>
</li>
<li class="md-tabs__item">
<a href="../../architecture/concepts/" class="md-tabs__link">
Architecture
</a>
</li>
<li class="md-tabs__item">
<a href="../../fedora-coreos/aws/" class="md-tabs__link">
Fedora CoreOS
</a>
</li>
<li class="md-tabs__item">
<a href="../../flatcar-linux/aws/" class="md-tabs__link">
Flatcar Linux
</a>
</li>
<li class="md-tabs__item">
<a href="../../topics/maintenance/" class="md-tabs__link">
Topics
</a>
</li>
<li class="md-tabs__item">
<a href="../../advanced/overview/" class="md-tabs__link">
Advanced
</a>
</li>
<li class="md-tabs__item">
<a href="../overview/" class="md-tabs__link md-tabs__link--active">
Addons
</a>
</li>
</ul>
</div>
</nav>
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../.." title="Typhoon" class="md-nav__button md-logo" aria-label="Typhoon" data-md-component="logo">
<img src="../../img/spin.png" alt="logo">
</a>
Typhoon
</label>
<div class="md-nav__source">
<a href="https://github.com/poseidon/typhoon" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 480 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M186.1 328.7c0 20.9-10.9 55.1-36.7 55.1s-36.7-34.2-36.7-55.1 10.9-55.1 36.7-55.1 36.7 34.2 36.7 55.1zM480 278.2c0 31.9-3.2 65.7-17.5 95-37.9 76.6-142.1 74.8-216.7 74.8-75.8 0-186.2 2.7-225.6-74.8-14.6-29-20.2-63.1-20.2-95 0-41.9 13.9-81.5 41.5-113.6-5.2-15.8-7.7-32.4-7.7-48.8 0-21.5 4.9-32.3 14.6-51.8 45.3 0 74.3 9 108.8 36 29-6.9 58.8-10 88.7-10 27 0 54.2 2.9 80.4 9.2 34-26.7 63-35.2 107.8-35.2 9.8 19.5 14.6 30.3 14.6 51.8 0 16.4-2.6 32.7-7.7 48.2 27.5 32.4 39 72.3 39 114.2zm-64.3 50.5c0-43.9-26.7-82.6-73.5-82.6-18.9 0-37 3.4-56 6-14.9 2.3-29.8 3.2-45.1 3.2-15.2 0-30.1-.9-45.1-3.2-18.7-2.6-37-6-56-6-46.8 0-73.5 38.7-73.5 82.6 0 87.8 80.4 101.3 150.4 101.3h48.2c70.3 0 150.6-13.4 150.6-101.3zm-82.6-55.1c-25.8 0-36.7 34.2-36.7 55.1s10.9 55.1 36.7 55.1 36.7-34.2 36.7-55.1-10.9-55.1-36.7-55.1z"/></svg>
</div>
<div class="md-source__repository">
poseidon/typhoon
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../.." class="md-nav__link">
Home
</a>
</li>
<li class="md-nav__item">
<a href="../../announce/" class="md-nav__link">
Announce
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3" type="checkbox" id="__nav_3" >
<label class="md-nav__link" for="__nav_3">
Architecture
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Architecture" data-md-level="1">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Architecture
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../architecture/concepts/" class="md-nav__link">
Concepts
</a>
</li>
<li class="md-nav__item">
<a href="../../architecture/operating-systems/" class="md-nav__link">
Operating Systems
</a>
</li>
<li class="md-nav__item">
<a href="../../architecture/aws/" class="md-nav__link">
AWS
</a>
</li>
<li class="md-nav__item">
<a href="../../architecture/azure/" class="md-nav__link">
Azure
</a>
</li>
<li class="md-nav__item">
<a href="../../architecture/bare-metal/" class="md-nav__link">
Bare-Metal
</a>
</li>
<li class="md-nav__item">
<a href="../../architecture/digitalocean/" class="md-nav__link">
DigitalOcean
</a>
</li>
<li class="md-nav__item">
<a href="../../architecture/google-cloud/" class="md-nav__link">
Google Cloud
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_4" type="checkbox" id="__nav_4" >
<label class="md-nav__link" for="__nav_4">
Fedora CoreOS
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Fedora CoreOS" data-md-level="1">
<label class="md-nav__title" for="__nav_4">
<span class="md-nav__icon md-icon"></span>
Fedora CoreOS
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../fedora-coreos/aws/" class="md-nav__link">
AWS
</a>
</li>
<li class="md-nav__item">
<a href="../../fedora-coreos/azure/" class="md-nav__link">
Azure
</a>
</li>
<li class="md-nav__item">
<a href="../../fedora-coreos/bare-metal/" class="md-nav__link">
Bare-Metal
</a>
</li>
<li class="md-nav__item">
<a href="../../fedora-coreos/digitalocean/" class="md-nav__link">
DigitalOcean
</a>
</li>
<li class="md-nav__item">
<a href="../../fedora-coreos/google-cloud/" class="md-nav__link">
Google Cloud
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_5" type="checkbox" id="__nav_5" >
<label class="md-nav__link" for="__nav_5">
Flatcar Linux
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Flatcar Linux" data-md-level="1">
<label class="md-nav__title" for="__nav_5">
<span class="md-nav__icon md-icon"></span>
Flatcar Linux
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../flatcar-linux/aws/" class="md-nav__link">
AWS
</a>
</li>
<li class="md-nav__item">
<a href="../../flatcar-linux/azure/" class="md-nav__link">
Azure
</a>
</li>
<li class="md-nav__item">
<a href="../../flatcar-linux/bare-metal/" class="md-nav__link">
Bare-Metal
</a>
</li>
<li class="md-nav__item">
<a href="../../flatcar-linux/digitalocean/" class="md-nav__link">
DigitalOcean
</a>
</li>
<li class="md-nav__item">
<a href="../../flatcar-linux/google-cloud/" class="md-nav__link">
Google Cloud
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_6" type="checkbox" id="__nav_6" >
<label class="md-nav__link" for="__nav_6">
Topics
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Topics" data-md-level="1">
<label class="md-nav__title" for="__nav_6">
<span class="md-nav__icon md-icon"></span>
Topics
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../topics/maintenance/" class="md-nav__link">
Maintenance
</a>
</li>
<li class="md-nav__item">
<a href="../../topics/hardware/" class="md-nav__link">
Hardware
</a>
</li>
<li class="md-nav__item">
<a href="../../topics/security/" class="md-nav__link">
Security
</a>
</li>
<li class="md-nav__item">
<a href="../../topics/performance/" class="md-nav__link">
Performance
</a>
</li>
<li class="md-nav__item">
<a href="../../topics/faq/" class="md-nav__link">
FAQ
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_7" type="checkbox" id="__nav_7" >
<label class="md-nav__link" for="__nav_7">
Advanced
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Advanced" data-md-level="1">
<label class="md-nav__title" for="__nav_7">
<span class="md-nav__icon md-icon"></span>
Advanced
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../advanced/overview/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/arm64/" class="md-nav__link">
ARM64
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/customization/" class="md-nav__link">
Customization
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/nodes/" class="md-nav__link">
Nodes
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/worker-pools/" class="md-nav__link">
Worker Pools
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_8" type="checkbox" id="__nav_8" checked>
<label class="md-nav__link" for="__nav_8">
Addons
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Addons" data-md-level="1">
<label class="md-nav__title" for="__nav_8">
<span class="md-nav__icon md-icon"></span>
Addons
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../overview/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
Nginx Ingress
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
Nginx Ingress
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#aws" class="md-nav__link">
AWS
</a>
</li>
<li class="md-nav__item">
<a href="#azure" class="md-nav__link">
Azure
</a>
</li>
<li class="md-nav__item">
<a href="#bare-metal" class="md-nav__link">
Bare-Metal
</a>
<nav class="md-nav" aria-label="Bare-Metal">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#equal-cost-multi-path" class="md-nav__link">
Equal-Cost Multi-Path
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#digital-ocean" class="md-nav__link">
Digital Ocean
</a>
</li>
<li class="md-nav__item">
<a href="#google-cloud" class="md-nav__link">
Google Cloud
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../prometheus/" class="md-nav__link">
Prometheus
</a>
</li>
<li class="md-nav__item">
<a href="../grafana/" class="md-nav__link">
Grafana
</a>
</li>
<li class="md-nav__item">
<a href="../fleetlock/" class="md-nav__link">
fleetlock
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#aws" class="md-nav__link">
AWS
</a>
</li>
<li class="md-nav__item">
<a href="#azure" class="md-nav__link">
Azure
</a>
</li>
<li class="md-nav__item">
<a href="#bare-metal" class="md-nav__link">
Bare-Metal
</a>
<nav class="md-nav" aria-label="Bare-Metal">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#equal-cost-multi-path" class="md-nav__link">
Equal-Cost Multi-Path
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#digital-ocean" class="md-nav__link">
Digital Ocean
</a>
</li>
<li class="md-nav__item">
<a href="#google-cloud" class="md-nav__link">
Google Cloud
</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<a href="https://github.com/poseidon/typhoon/edit/master/docs/addons/ingress.md" title="Edit this page" class="md-content__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20.71 7.04c.39-.39.39-1.04 0-1.41l-2.34-2.34c-.37-.39-1.02-.39-1.41 0l-1.84 1.83 3.75 3.75M3 17.25V21h3.75L17.81 9.93l-3.75-3.75L3 17.25Z"/></svg>
</a>
<h1 id="nginx-ingress-controller">Nginx Ingress Controller<a class="headerlink" href="#nginx-ingress-controller" title="Permanent link">&para;</a></h1>
<p>Nginx Ingress controller pods accept and demultiplex HTTP, HTTPS, TCP, or UDP traffic to backend services. Ingress controllers watch the Kubernetes API for Ingress resources and update their configuration accordingly. Ingress resources for HTTP(S) applications support virtual hosts (FQDNs), path rules, TLS termination, and SNI.</p>
<h2 id="aws">AWS<a class="headerlink" href="#aws" title="Permanent link">&para;</a></h2>
<p>On AWS, a network load balancer (NLB) distributes TCP traffic across two target groups (port 80 and 443) of worker nodes running an Ingress controller deployment. Security groups rules allow traffic to ports 80 and 443. Health checks ensure only workers with a healthy Ingress controller receive traffic.</p>
<p>Create the Ingress controller deployment, service, RBAC roles, RBAC bindings, and namespace.</p>
<div class="highlight"><pre><span></span><code>kubectl apply -R -f addons/nginx-ingress/aws
</code></pre></div>
<p>For each application, add a DNS CNAME resolving to the NLB's DNS record.</p>
<div class="highlight"><pre><span></span><code>app1.example.com -&gt; tempest-ingress.123456.us-west2.elb.amazonaws.com
app2.example.com -&gt; tempest-ingress.123456.us-west2.elb.amazonaws.com
app3.example.com -&gt; tempest-ingress.123456.us-west2.elb.amazonaws.com
</code></pre></div>
<p>Find the NLB's DNS name through the console or use the Typhoon module's output <code>ingress_dns_name</code>. For example, you might use Terraform to manage a Google Cloud DNS record:</p>
<div class="highlight"><pre><span></span><code><span class="kr">resource</span><span class="w"> </span><span class="nc">&quot;google_dns_record_set&quot;</span><span class="w"> </span><span class="nv">&quot;some-application&quot;</span><span class="w"> </span><span class="p">{</span><span class="c1"></span>
<span class="c1"> # DNS zone name</span>
<span class="w"> </span><span class="na">managed_zone</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;example-zone&quot;</span><span class="c1"></span>
<span class="c1"> # DNS record</span>
<span class="w"> </span><span class="na">name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;app.example.com.&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">type</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;CNAME&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">ttl</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="m">300</span><span class="w"></span>
<span class="w"> </span><span class="na">rrdatas</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="s2">&quot;${module.tempest.ingress_dns_name}.&quot;</span><span class="p">]</span><span class="w"></span>
<span class="p">}</span><span class="w"></span>
</code></pre></div>
<h2 id="azure">Azure<a class="headerlink" href="#azure" title="Permanent link">&para;</a></h2>
<p>On Azure, a load balancer distributes traffic across a backend address pool of worker nodes running an Ingress controller deployment. Security group rules allow traffic to ports 80 and 443. Health probes ensure only workers with a healthy Ingress controller receive traffic.</p>
<p>Create the Ingress controller deployment, service, RBAC roles, RBAC bindings, and namespace.</p>
<div class="highlight"><pre><span></span><code>kubectl apply -R -f addons/nginx-ingress/azure
</code></pre></div>
<p>For each application, add a DNS record resolving to the load balancer's IPv4 address.</p>
<div class="highlight"><pre><span></span><code>app1.example.com -&gt; 11.22.33.44
app2.example.com -&gt; 11.22.33.44
app3.example.com -&gt; 11.22.33.44
</code></pre></div>
<p>Find the load balancer's IPv4 address with the Azure console or use the Typhoon module's output <code>ingress_static_ipv4</code>. For example, you might use Terraform to manage a Google Cloud DNS record:</p>
<div class="highlight"><pre><span></span><code><span class="kr">resource</span><span class="w"> </span><span class="nc">&quot;google_dns_record_set&quot;</span><span class="w"> </span><span class="nv">&quot;some-application&quot;</span><span class="w"> </span><span class="p">{</span><span class="c1"></span>
<span class="c1"> # DNS zone name</span>
<span class="w"> </span><span class="na">managed_zone</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;example-zone&quot;</span><span class="c1"></span>
<span class="c1"> # DNS record</span>
<span class="w"> </span><span class="na">name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;app.example.com.&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">type</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;A&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">ttl</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="m">300</span><span class="w"></span>
<span class="w"> </span><span class="na">rrdatas</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="nv">module.ramius.ingress_static_ipv4</span><span class="p">]</span><span class="w"></span>
<span class="p">}</span><span class="w"></span>
</code></pre></div>
<h2 id="bare-metal">Bare-Metal<a class="headerlink" href="#bare-metal" title="Permanent link">&para;</a></h2>
<p>On bare-metal, routing traffic to Ingress controller pods can be done in number of ways.</p>
<h3 id="equal-cost-multi-path">Equal-Cost Multi-Path<a class="headerlink" href="#equal-cost-multi-path" title="Permanent link">&para;</a></h3>
<p>Create the Ingress controller deployment, service, RBAC roles, and RBAC bindings. The service should use a fixed ClusterIP (e.g. 10.3.0.12) in the Kubernetes service IPv4 CIDR range.</p>
<div class="highlight"><pre><span></span><code>kubectl apply -R -f addons/nginx-ingress/bare-metal
</code></pre></div>
<p>There is no need for pods to use host networking or for the ingress service to use NodePort or LoadBalancer. Nodes already proxy packets destined for the service's ClusterIP to node(s) with a pod endpoint.</p>
<p>Configure the network router or load balancer with a static route for the Kubernetes service range and set the next hop to a node. Repeat for each node, as desired, and set the metric (i.e. cost) of each. Finally, DNAT traffic destined for the WAN on ports 80 or 443 to the service's fixed ClusterIP.</p>
<p>For each application, add a DNS record resolving to the WAN(s).</p>
<div class="highlight"><pre><span></span><code><span class="kr">resource</span><span class="w"> </span><span class="nc">&quot;google_dns_record_set&quot;</span><span class="w"> </span><span class="nv">&quot;some-application&quot;</span><span class="w"> </span><span class="p">{</span><span class="c1"></span>
<span class="c1"> # Managed DNS Zone name</span>
<span class="w"> </span><span class="na">managed_zone</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;zone-name&quot;</span><span class="c1"></span>
<span class="c1"> # Name of the DNS record</span>
<span class="w"> </span><span class="na">name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;app.example.com.&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">type</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;A&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">ttl</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="m">300</span><span class="w"></span>
<span class="w"> </span><span class="na">rrdatas</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="s2">&quot;SOME-WAN-IP&quot;</span><span class="p">]</span><span class="w"></span>
<span class="p">}</span><span class="w"></span>
</code></pre></div>
<h2 id="digital-ocean">Digital Ocean<a class="headerlink" href="#digital-ocean" title="Permanent link">&para;</a></h2>
<p>On DigitalOcean, DNS A and AAAA records (e.g. FQDN <code>nemo-workers.example.com</code>) resolve to each worker<sup id="fnref:1"><a class="footnote-ref" href="#fn:1">1</a></sup> running an Ingress controller DaemonSet on host ports 80 and 443. Firewall rules allow IPv4 and IPv6 traffic to ports 80 and 443.</p>
<p>Create the Ingress controller daemonset, service, RBAC roles, RBAC bindings, and namespace.</p>
<div class="highlight"><pre><span></span><code>kubectl apply -R -f addons/nginx-ingress/digital-ocean
</code></pre></div>
<p>For each application, add a CNAME record resolving to the worker(s) DNS record. Use the Typhoon module's output <code>workers_dns</code> to find the worker DNS value. For example, you might use Terraform to manage a Google Cloud DNS record:</p>
<div class="highlight"><pre><span></span><code><span class="kr">resource</span><span class="w"> </span><span class="nc">&quot;google_dns_record_set&quot;</span><span class="w"> </span><span class="nv">&quot;some-application&quot;</span><span class="w"> </span><span class="p">{</span><span class="c1"></span>
<span class="c1"> # DNS zone name</span>
<span class="w"> </span><span class="na">managed_zone</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;example-zone&quot;</span><span class="c1"></span>
<span class="c1"> # DNS record</span>
<span class="w"> </span><span class="na">name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;app.example.com.&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">type</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;CNAME&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">ttl</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="m">300</span><span class="w"></span>
<span class="w"> </span><span class="na">rrdatas</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="s2">&quot;${module.nemo.workers_dns}.&quot;</span><span class="p">]</span><span class="w"></span>
<span class="p">}</span><span class="w"></span>
</code></pre></div>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Hosting IPv6 apps is possible, but requires editing the nginx-ingress addon to use <code>hostNetwork: true</code>.</p>
</div>
<h2 id="google-cloud">Google Cloud<a class="headerlink" href="#google-cloud" title="Permanent link">&para;</a></h2>
<p>On Google Cloud, a TCP Proxy load balancer distributes IPv4 and IPv6 TCP traffic across a backend service of worker nodes running an Ingress controller deployment. Firewall rules allow traffic to ports 80 and 443. Health check rules ensure only workers with a healthy Ingress controller receive traffic.</p>
<p>Create the Ingress controller deployment, service, RBAC roles, RBAC bindings, and namespace.</p>
<div class="highlight"><pre><span></span><code>kubectl apply -R -f addons/nginx-ingress/google-cloud
</code></pre></div>
<p>For each application, add DNS A records resolving to the load balancer's IPv4 address and DNS AAAA records resolving to the load balancer's IPv6 address.</p>
<div class="highlight"><pre><span></span><code>app1.example.com -&gt; 11.22.33.44
app2.example.com -&gt; 11.22.33.44
app3.example.com -&gt; 11.22.33.44
</code></pre></div>
<p>Find the IPv4 address with <code>gcloud compute addresses list</code> or use the Typhoon module's outputs <code>ingress_static_ipv4</code> and <code>ingress_static_ipv6</code>. For example, you might use Terraform to manage a Google Cloud DNS record:</p>
<div class="highlight"><pre><span></span><code><span class="kr">resource</span><span class="w"> </span><span class="nc">&quot;google_dns_record_set&quot;</span><span class="w"> </span><span class="nv">&quot;app-record-a&quot;</span><span class="w"> </span><span class="p">{</span><span class="c1"></span>
<span class="c1"> # DNS zone name</span>
<span class="w"> </span><span class="na">managed_zone</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;example-zone&quot;</span><span class="c1"></span>
<span class="c1"> # DNS record</span>
<span class="w"> </span><span class="na">name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;app.example.com.&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">type</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;A&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">ttl</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="m">300</span><span class="w"></span>
<span class="w"> </span><span class="na">rrdatas</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="nv">module.yavin.ingress_static_ipv4</span><span class="p">]</span><span class="w"></span>
<span class="p">}</span><span class="w"></span>
<span class="kr">resource</span><span class="w"> </span><span class="nc">&quot;google_dns_record_set&quot;</span><span class="w"> </span><span class="nv">&quot;app-record-aaaa&quot;</span><span class="w"> </span><span class="p">{</span><span class="c1"></span>
<span class="c1"> # DNS zone name</span>
<span class="w"> </span><span class="na">managed_zone</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;example-zone&quot;</span><span class="c1"></span>
<span class="c1"> # DNS record</span>
<span class="w"> </span><span class="na">name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;app.example.com.&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">type</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;AAAA&quot;</span><span class="w"></span>
<span class="w"> </span><span class="na">ttl</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="m">300</span><span class="w"></span>
<span class="w"> </span><span class="na">rrdatas</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="nv">module.yavin.ingress_static_ipv6</span><span class="p">]</span><span class="w"></span>
<span class="p">}</span><span class="w"></span>
</code></pre></div>
<div class="footnote">
<hr />
<ol>
<li id="fn:1">
<p>DigitalOcean does offer load balancers. We've opted not to use them to keep the DigitalOcean cluster cheap for developers.&#160;<a class="footnote-backref" href="#fnref:1" title="Jump back to footnote 1 in the text">&#8617;</a></p>
</li>
</ol>
</div>
</article>
</div>
</div>
</main>
<footer class="md-footer">
<nav class="md-footer__inner md-grid" aria-label="Footer" >
<a href="../overview/" class="md-footer__link md-footer__link--prev" aria-label="Previous: Overview" rel="prev">
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</div>
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Previous
</span>
Overview
</div>
</div>
</a>
<a href="../prometheus/" class="md-footer__link md-footer__link--next" aria-label="Next: Prometheus" rel="next">
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Next
</span>
Prometheus
</div>
</div>
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4Z"/></svg>
</div>
</a>
</nav>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
<div class="md-copyright__highlight">
Poseidon Laboratories
</div>
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
<div class="md-social">
<a href="https://github.com/poseidon" target="_blank" rel="noopener" title="github.com" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 480 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M186.1 328.7c0 20.9-10.9 55.1-36.7 55.1s-36.7-34.2-36.7-55.1 10.9-55.1 36.7-55.1 36.7 34.2 36.7 55.1zM480 278.2c0 31.9-3.2 65.7-17.5 95-37.9 76.6-142.1 74.8-216.7 74.8-75.8 0-186.2 2.7-225.6-74.8-14.6-29-20.2-63.1-20.2-95 0-41.9 13.9-81.5 41.5-113.6-5.2-15.8-7.7-32.4-7.7-48.8 0-21.5 4.9-32.3 14.6-51.8 45.3 0 74.3 9 108.8 36 29-6.9 58.8-10 88.7-10 27 0 54.2 2.9 80.4 9.2 34-26.7 63-35.2 107.8-35.2 9.8 19.5 14.6 30.3 14.6 51.8 0 16.4-2.6 32.7-7.7 48.2 27.5 32.4 39 72.3 39 114.2zm-64.3 50.5c0-43.9-26.7-82.6-73.5-82.6-18.9 0-37 3.4-56 6-14.9 2.3-29.8 3.2-45.1 3.2-15.2 0-30.1-.9-45.1-3.2-18.7-2.6-37-6-56-6-46.8 0-73.5 38.7-73.5 82.6 0 87.8 80.4 101.3 150.4 101.3h48.2c70.3 0 150.6-13.4 150.6-101.3zm-82.6-55.1c-25.8 0-36.7 34.2-36.7 55.1s10.9 55.1 36.7 55.1 36.7-34.2 36.7-55.1-10.9-55.1-36.7-55.1z"/></svg>
</a>
<a href="https://twitter.com/typhoon8s" target="_blank" rel="noopener" title="twitter.com" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M459.37 151.716c.325 4.548.325 9.097.325 13.645 0 138.72-105.583 298.558-298.558 298.558-59.452 0-114.68-17.219-161.137-47.106 8.447.974 16.568 1.299 25.34 1.299 49.055 0 94.213-16.568 130.274-44.832-46.132-.975-84.792-31.188-98.112-72.772 6.498.974 12.995 1.624 19.818 1.624 9.421 0 18.843-1.3 27.614-3.573-48.081-9.747-84.143-51.98-84.143-102.985v-1.299c13.969 7.797 30.214 12.67 47.431 13.319-28.264-18.843-46.781-51.005-46.781-87.391 0-19.492 5.197-37.36 14.294-52.954 51.655 63.675 129.3 105.258 216.365 109.807-1.624-7.797-2.599-15.918-2.599-24.04 0-57.828 46.782-104.934 104.934-104.934 30.213 0 57.502 12.67 76.67 33.137 23.715-4.548 46.456-13.32 66.599-25.34-7.798 24.366-24.366 44.833-46.132 57.827 21.117-2.273 41.584-8.122 60.426-16.243-14.292 20.791-32.161 39.308-52.628 54.253z"/></svg>
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.tabs", "navigation.instant"], "search": "../../assets/javascripts/workers/search.85cb4492.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version.title": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.a877e258.min.js"></script>
</body>
</html>
View Git Blame Copy Permalink