Nginx Ingress Controller

nginx-ingress-controller/README.md

@@ -0,0 +1,121 @@
+# --- ATENÇÃO --- 
+### Toda configuração aqui é para laboratório. Use somente em seu ambiente de testes.
+----------------------
+## Configurando o nginx ingress no oke-free
+
+-  Os manifestos usados para configurar o nginx, foram retirados do [repositorio oficial](https://github.com/nginxinc/kubernetes-ingress.git --branch v3.4.2)
+git clone https://github.com/nginxinc/kubernetes-ingress.git --branch v3.4.2  
+
+
+- Recomendo fortemente a leitura da [documentação oficial](https://docs.nginx.com/nginx-ingress-controller/installation/installing-nic/installation-with-manifests/).
+
+
+
+### Configurar o controle de acesso baseado em função (RBAC)
+
+#### Crie um namespace e uma conta de serviço:
+```
+kubectl apply -f deployments/common/ns-and-sa.yaml
+```
+
+#### Crie a  cluster role e uma binding para a conta de serviço:
+```
+kubectl apply -f deployments/rbac/rbac.yaml
+```
+
+#### Crie um ConfigMap para personalizar suas configurações do NGINX:
+```
+kubectl apply -f deployments/common/nginx-config.yaml
+```
+
+#### Crie um recurso IngressClass. O NGINX Ingress Controller não será iniciado sem um recurso IngressClass.
+```
+kubectl apply -f deployments/common/ingress-class.yaml
+```
+
+#### Crie CRDs para VirtualServer e VirtualServerRoute , TransportServer , Policy e GlobalConfiguration :
+```
+kubectl apply -f config/crd/bases/k8s.nginx.org_virtualservers.yaml
+kubectl apply -f config/crd/bases/k8s.nginx.org_virtualserverroutes.yaml
+kubectl apply -f config/crd/bases/k8s.nginx.org_transportservers.yaml
+kubectl apply -f config/crd/bases/k8s.nginx.org_policies.yaml
+kubectl apply -f config/crd/bases/k8s.nginx.org_globalconfigurations.yaml
+
+```
+
+#### Usando um DaemonSet
+```
+kubectl apply -f deployments/daemon-set/nginx-ingress.yaml
+```
+
+
+## Como acessar o NGINX Ingress Controller
+
+#### Crie um serviço LoadBalancer
+
+use o manifesto deployments/service/loadbalancer.yaml para criar um novo manifesto alterado: 
+alterar:  type: NodePort
+Adicionar: nodePort: 30080
+```
+  externalTrafficPolicy: Local
+  type: NodePort
+  ports:
+  - port: 80
+    targetPort: 80
+    protocol: TCP
+    name: http
+    nodePort: 30080
+```
+
+```
+kubectl apply -f deployments/service/loadbalancer-oci-free.yaml
+```
+
+
+#### Faça o deploy da aplicação e do ingress
+
+no arquivo [ingress-dominio-apache-nginx](./manifestos/ingress-dominio-apache-nginx) , em host, coloque o IP do seu loadbalancer
+```
+kubectl apply -f ./manifestos/deployments-nginx-apache.yaml
+kubectl apply -f ./manifestos/ingress-dominio-apache-nginx
+```
+
+
+- Todos os [manifestos](./manifestos) acima estão na pasta manifestos e caso queira, pode usa-los
+
+
+```
+kubectl apply -f ./manifestos/ns-and-sa.yaml
+kubectl apply -f ./manifestos
+```
+
+* Para excluir:
+```
+kubectl delete -f ./manifestos
+```
+
+ou 
+
+
+```
+kubectl delete -f ./manifestos/rbac.yaml
+kubectl delete -f ./manifestos/nginx-config.yaml
+kubectl delete -f ./manifestos/loadbalancer-oci-free.yaml
+kubectl delete -f ./manifestos/ingress-class.yaml
+kubectl delete -f ./manifestos/k8s.nginx.org_virtualservers.yaml
+kubectl delete -f ./manifestos/k8s.nginx.org_virtualserverroutes.yaml
+kubectl delete -f ./manifestos/k8s.nginx.org_transportservers.yaml
+kubectl delete -f ./manifestos/k8s.nginx.org_policies.yaml
+kubectl delete -f ./manifestos/k8s.nginx.org_globalconfigurations.yaml
+kubectl delete -f ./manifestos/nginx-ingress.yaml
+kubectl delete -f ./manifestos/deployments-nginx-apache.yaml
+kubectl delete -f ./manifestos/ingress-dominio-apache-nginx.yaml
+kubectl delete -f ./manifestos/ns-and-sa.yaml
+```
+
+
+Acesse no seu navegador:
+
+http://apache.158.101.96.103.nip.io/
+
+http://nginx.158.101.96.103.nip.io/

nginx-ingress-controller/manifestos/deployments-nginx-apache.yaml

@@ -0,0 +1,81 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx
+spec:
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx
+        ports:
+        - containerPort: 80
+        resources:
+          limits:
+            cpu: '0.2'
+            memory: 512Mi
+          requests:
+            cpu: '0.1'
+            memory: 128Mi
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx
+spec:
+  selector:
+    app: nginx
+  ports:
+  - port: 8080 ## porta usada pelo service
+    targetPort: 80 ## porta do pod
+  type: NodePort
+
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: apache
+spec:
+  selector:
+    matchLabels:
+      app: apache
+  template:
+    metadata:
+      labels:
+        app: apache
+    spec:
+      containers:
+      - name: apache
+        image: httpd
+        ports:
+        - containerPort: 80
+        resources:
+          limits:
+            cpu: '0.2'
+            memory: 512Mi
+          requests:
+            cpu: '0.1'
+            memory: 128Mi
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: apache
+spec:
+  selector:
+    app: apache
+  ports:
+  - port: 8090 ## porta usada pelo service
+    targetPort: 80 ## porta do pod
+  type: NodePort

nginx-ingress-controller/manifestos/ingress-class.yaml

@@ -0,0 +1,8 @@
+apiVersion: networking.k8s.io/v1
+kind: IngressClass
+metadata:
+  name: nginx
+  annotations:
+    ingressclass.kubernetes.io/is-default-class: "true"
+spec:
+  controller: nginx.org/ingress-controller

nginx-ingress-controller/manifestos/ingress-dominio-apache-nginx.yaml

@@ -0,0 +1,30 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-dominio
+  labels:
+    name: ingress-dominio
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: nginx.158.101.96.103.nip.io
+    http:
+      paths:
+      - pathType: Prefix
+        path: "/"
+        backend:
+          service:
+            name: nginx
+            port: 
+              number: 80
+
+  - host: apache.158.101.96.103.nip.io
+    http:
+      paths:
+      - pathType: Prefix
+        path: "/"
+        backend:
+          service:
+            name: apache
+            port: 
+              number: 80

nginx-ingress-controller/manifestos/k8s.nginx.org_globalconfigurations.yaml

@@ -0,0 +1,96 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.13.0
+  name: globalconfigurations.k8s.nginx.org
+spec:
+  group: k8s.nginx.org
+  names:
+    kind: GlobalConfiguration
+    listKind: GlobalConfigurationList
+    plural: globalconfigurations
+    shortNames:
+    - gc
+    singular: globalconfiguration
+  scope: Namespaced
+  versions:
+  - name: v1
+    schema:
+      openAPIV3Schema:
+        description: GlobalConfiguration defines the GlobalConfiguration resource.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: GlobalConfigurationSpec is the spec of the GlobalConfiguration
+              resource.
+            properties:
+              listeners:
+                items:
+                  description: Listener defines a listener.
+                  properties:
+                    name:
+                      type: string
+                    port:
+                      type: integer
+                    protocol:
+                      type: string
+                    ssl:
+                      type: boolean
+                  type: object
+                type: array
+            type: object
+        type: object
+    served: true
+    storage: true
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: GlobalConfiguration defines the GlobalConfiguration resource.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: GlobalConfigurationSpec is the spec of the GlobalConfiguration
+              resource.
+            properties:
+              listeners:
+                items:
+                  description: Listener defines a listener.
+                  properties:
+                    name:
+                      type: string
+                    port:
+                      type: integer
+                    protocol:
+                      type: string
+                    ssl:
+                      type: boolean
+                  type: object
+                type: array
+            type: object
+        type: object
+    served: true
+    storage: false