Skip to content

First deploy

First Deploy

Echo Test

Apply deployment, service and ingress, using the commands below. This will deploy and expose a docker container on a subdomain.

Deployment

kubectl apply -f ./whoami/whoami-deployment.yaml 
whoami-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: whoami
spec:
  selector:
    matchLabels:
      app: whoami
  replicas: 1
  template:
    metadata:
      labels:
        app: whoami
    spec:
      containers:
        - name: whoami
          image: containous/whoami:v1.5.0
          ports:
            - containerPort: 80

Service

kubectl apply -f ./whoami/whoami-service.yaml
whoami-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: whoami
spec:
  type: ClusterIP
  ports:
    - port: 5678
      targetPort: 80
  selector:
    app: whoami

Ingress

kubectl apply -f ./whoami/whoami-ingress.yaml
whoami-ingress.yaml
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name: whoami

spec:
  rules:
    - http:
        paths:
          - path: /bar
            pathType: Prefix
            backend:
              service:
                name: whoami
                port:
                  number: 5678
          - path: /foo
            pathType: Prefix
            backend:
              service:
                name: whoami
                port:
                  number: 5678

Note: Separate or combined yaml

Here we applied deployment, service and ingress separately. Sometimes this makes sense, but we can also combine them into a single file if we prefer. Just separate the sections with a line containing three dashes like this:

<Deployment>
---
<Service>
---
<Ingress>

Time to test

Use your browser curl to check http://example.com/foo

curl http://example.com/foo
Hostname: whoami-667fc988f6-jn5f8
IP: 127.0.0.1
IP: ::1
IP: 10.42.0.34
IP: dd40::402e:d1ff:bde4:b8db
RemoteAddr: 10.42.0.1:33686
GET /bar HTTP/1.1
Host: 12.344.200.233
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Upgrade-Insecure-Requests: 1
X-Forwarded-For: 11.255.13.126
X-Forwarded-Host: 51.114.111.153
X-Forwarded-Port: 80
X-Forwarded-Proto: http
X-Forwarded-Server: m1
X-Real-Ip: 23.251.11.124

Adding HTTPS

The examples below use http->https redirect using a traefik middleware. To utilize it you need to create it first. You can also remove it by removing the line traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd

kubectl apply -f ./traefik-https-redirect-middleware.yaml
traefik-https-redirect-middleware
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: redirect-https
spec:
  redirectScheme:
    scheme: https
    permanent: true

To add https support, you need to either use cert-manager and add some tls-info to the ingress, or use a tls terminating load-balancer.

Cert-manager

You need first to deploy cert-manager.

Ingress

Then you can apply the ingress.

# DOMAIN environment variable required
cat ./whoami/whoami-ingress-tls.yaml | envsubst | kubectl apply -f -
whoami-ingress-tls.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: whoami-tls-ingress
  annotations:
    kubernetes.io/ingress.class: traefik
    cert-manager.io/cluster-issuer: letsencrypt-prod
    traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd
spec:
  rules:
    - host: whoami.${DOMAIN}
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: whoami
                port:
                  number: 5678
  tls:
    - secretName: whoami-tls
      hosts:
        - whoami.${DOMAIN}