Ingress controllers

So, I think I finally figured out how to do an ingress controller. Noting here for posterity.

curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/namespace.yaml \
    | kubectl apply -f -

curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/default-backend.yaml \
    | kubectl apply -f -

curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/configmap.yaml \
    | kubectl apply -f -

curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/tcp-services-configmap.yaml \
    | kubectl apply -f -

curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/udp-services-configmap.yaml \
    | kubectl apply -f -
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/rbac.yaml \
    | kubectl apply -f -

curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/with-rbac.yaml \
    | kubectl apply -f -
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/provider/baremetal/service-nodeport.yaml \
    | kubectl apply -f -

That gets the base install completed. Create tls certs with the following:

kubectl create secret tls host-secret --key /tmp/tls.key --cert /tmp/tls.crt

Where the name is unique, and set paths.

Then start with this:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
 name: foo-tls
 namespace: default
spec:
 tls:
 - hosts:
 - my-first-host.com
 secretName: host-secret
 - hosts:
 - bar.baz.com
# this assumes a second ssl cert has been added
 secretName: barbaz
 rules:
 - host: foo.bar.com
 http:
 paths:
 - backend:
 serviceName: http-svc
# this should point to the listener port for the service
# and not the pod directly
 servicePort: 80
 path: /
 - host: bar.baz.com
 http:
 paths:
 - backend:
 serviceName: nginx
 servicePort: 80
 path: /


 

Finally cleaned up.

Facebook makes it EXCEEDINGLY difficult to remove data.  I’m not entirely convinced the data is actually ‘gone’, but even disassociating it is an exercise in patience (and irritation).

I’ve managed to clean my profile, which feels good.   Weird though.  I’m used to liking and commenting on stuff, and it really adds up. The sheer amount of data is pretty scary.

I have commenting turned off, which was an easy way to combat any potential spam.  This *is* a journal after all, not a conversation.