docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update layer-7-routing.md

This commit is contained in:
paigehargrave 2019-02-22 13:38:48 -05:00 committed by GitHub
parent 0317cae4ec
commit 2bc45aa489
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 230 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

230
ee/ucp/kubernetes/layer-7-routing.md
View File

@ -440,236 +440,6 @@ Assuming you have already registered a DNS record for your application pointing
![dockerdemo.png](img/dockerdemo.png) ![dockerdemo.png](img/dockerdemo.png)
=======================end of new info===============
## Create a dedicated namespace
1. Navigate to the **Namespaces** page, and click **Create**.
2. In the **Object YAML** editor, append the following text.
```yaml
metadata:
name: ingress-nginx
```
The finished YAML should look like this.
```yaml
apiVersion: v1
kind: Namespace
metadata:
name: ingress-nginx
```
3. Click **Create**.
4. In the **ingress-nginx** namespace, click the **More options** icon,
and in the context menu, select **Set Context**.
![](../images/deploy-ingress-controller-1.png){: .with-border}
## Create a grant
The default service account that's associated with the `ingress-nginx`
namespace needs access to Kubernetes resources, so create a grant with
`Restricted Control` permissions.
1. From UCP, navigate to the **Grants** page, and click **Create Grant**.
2. Within the **Subject** pane, select **Service Account**. For the
**Namespace** select **ingress-nginx**, and select **default** for
the **Service Account**. Click **Next**.
3. Within the **Role** pane, select **Restricted Control**, and then click
**Next**.
4. Within the **Resource Set** pane, select the **Type** **Namespace**, and
select the **Apply grant to all existing and new namespaces** toggle.
5. Click **Create**.
## Deploy NGINX ingress controller
The cluster is ready for the ingress controller deployment, which has three
main components:
- a simple HTTP server, named `default-http-backend`,
- an ingress controller, named `nginx-ingress-controller`, and
- a service that exposes the app, named `ingress-nginx`.
Navigate to the **Create Kubernetes Object** page, and in the **Object YAML**
editor, paste the following YAML.
```yaml
apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: default-http-backend
labels:
app: default-http-backend
namespace: ingress-nginx
spec:
replicas: 1
selector:
matchLabels:
app: default-http-backend
template:
metadata:
labels:
app: default-http-backend
annotations:
seccomp.security.alpha.kubernetes.io/pod: docker/default
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-http-backend
# Any image is permissible as long as:
# 1. It serves a 404 page at /
# 2. It serves 200 on a /healthz endpoint
image: gcr.io/google_containers/defaultbackend:1.4
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
---
apiVersion: v1
kind: Service
metadata:
name: default-http-backend
namespace: ingress-nginx
labels:
app: default-http-backend
spec:
ports:
- port: 80
targetPort: 8080
selector:
app: default-http-backend
---
kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-configuration
namespace: ingress-nginx
labels:
app: ingress-nginx
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tcp-services
namespace: ingress-nginx
---
kind: ConfigMap
apiVersion: v1
metadata:
name: udp-services
namespace: ingress-nginx
---
apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: nginx-ingress-controller
namespace: ingress-nginx
spec:
replicas: 1
selector:
matchLabels:
app: ingress-nginx
template:
metadata:
labels:
app: ingress-nginx
annotations:
prometheus.io/port: '10254'
prometheus.io/scrape: 'true'
seccomp.security.alpha.kubernetes.io/pod: docker/default
spec:
initContainers:
- command:
- sh
- -c
- sysctl -w net.core.somaxconn=32768; sysctl -w net.ipv4.ip_local_port_range="1024 65535"
image: alpine:3.6
imagePullPolicy: IfNotPresent
name: sysctl
securityContext:
privileged: true
containers:
- name: nginx-ingress-controller
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.20.0
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-http-backend
- --configmap=$(POD_NAMESPACE)/nginx-configuration
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services
- --annotations-prefix=nginx.ingress.kubernetes.io
- --enable-ssl-passthrough
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
---
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx
namespace: ingress-nginx
spec:
type: NodePort
ports:
- name: http
port: 80
targetPort: 80
protocol: TCP
- name: https
port: 443
targetPort: 443
protocol: TCP
selector:
app: ingress-nginx
```
## Check your deployment ## Check your deployment
The `default-http-backend` provides a simple service that serves a 404 page The `default-http-backend` provides a simple service that serves a 404 page