DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ingress-nginx-helm/examples/deployment/haproxy
History
Joao Morais 67f1e77b08 Minor fix on console cmd of HAProxy docs
2017-02-08 07:26:31 -02:00
..
haproxy-ingress.yaml Consistency editing of HAProxy Ingress docs 2017-02-07 21:45:12 -02:00
README.md Minor fix on console cmd of HAProxy docs 2017-02-08 07:26:31 -02:00

README.md

Deploying HAProxy Ingress Controller

If you don't have a Kubernetes cluster, please refer to setup for instructions on how to create a new one.

Prerequisites

This ingress controller doesn't yet have support for ingress classes. You MUST turn down any existing ingress controllers before running HAProxy Ingress controller or they will fight for Ingresses. This includes any cloudprovider controller.

This document has also the following prerequisites:

  • Deploy a web app for testing
  • Create a TLS secret named tls-secret to be used as default TLS certificate

The web app can be created as follow:

$ kubectl run http-svc \
  --image=gcr.io/google_containers/echoserver:1.3 \
  --port=8080 \
  --replicas=2 \
  --expose

Creating the TLS secret:

$ openssl req \
  -x509 -newkey rsa:2048 -nodes -days 365 \
  -keyout tls.key -out tls.crt -subj '/CN=localhost'
$ kubectl create secret tls tls-secret --cert=tls.crt --key=tls.key
$ rm -v tls.crt tls.key

Default backend

Deploy a default backend used to serve 404 Not Found pages:

$ kubectl run ingress-default-backend \
  --image=gcr.io/google_containers/defaultbackend:1.0 \
  --port=8080 \
  --limits=cpu=10m,memory=20Mi \
  --expose

Check if the default backend is up and running:

$ kubectl get pod
NAME                                       READY     STATUS    RESTARTS   AGE
ingress-default-backend-1110790216-gqr61   1/1       Running   0          10s

Controller

Deploy HAProxy Ingress:

$ kubectl create -f haproxy-ingress.yaml

Check if the controller was successfully deployed:

$ kubectl get pod -w
NAME                                       READY     STATUS    RESTARTS   AGE
haproxy-ingress-2556761959-tv20k           1/1       Running   0          12s
ingress-default-backend-1110790216-gqr61   1/1       Running   0          3m
^C

Deploy the ingress resource of our already deployed web app:

$ kubectl create -f - <<EOF
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: app
spec:
  rules:
  - host: foo.bar
    http:
      paths:
      - path: /
        backend:
          serviceName: http-svc
          servicePort: 8080
EOF

Exposing the controller as a type=NodePort service:

$ kubectl expose deploy/haproxy-ingress --type=NodePort
$ kubectl get svc/haproxy-ingress -oyaml

Look for nodePort field next to port: 80.

Change below 172.17.4.99 to the host's IP and 30876 to the nodePort:

$ curl -i 172.17.4.99:30876
HTTP/1.1 404 Not Found
Date: Mon, 05 Feb 2017 22:59:36 GMT
Content-Length: 21
Content-Type: text/plain; charset=utf-8

default backend - 404

Using default backend because host was not found.

Now try to send a header:

$ curl -i 172.17.4.99:30876 -H 'Host: foo.bar'
HTTP/1.1 200 OK
Server: nginx/1.9.11
Date: Mon, 05 Feb 2017 23:00:33 GMT
Content-Type: text/plain
Transfer-Encoding: chunked

CLIENT VALUES:
client_address=10.2.18.5
command=GET
real path=/
query=nil
request_version=1.1
request_uri=http://foo.bar:8080/
...

Troubleshooting

If you have any problem, check logs and events of HAProxy Ingress POD:

$ kubectl get pod
NAME                                       READY     STATUS    RESTARTS   AGE
haproxy-ingress-2556761959-tv20k           1/1       Running   0          9m
...

$ kubectl logs haproxy-ingress-2556761959-tv20k
$ kubectl describe pod/haproxy-ingress-2556761959-tv20k