Nginx Ingress Integrator

  • Canonical IS DevOps
Channel Revision Published Runs on
latest/stable 131 10 Dec 2024
Ubuntu 20.04
latest/stable 130 10 Dec 2024
Ubuntu 20.04
latest/stable 101 28 May 2024
Ubuntu 20.04
latest/edge 133 18 Dec 2024
Ubuntu 22.04 Ubuntu 20.04
latest/edge 132 18 Dec 2024
Ubuntu 22.04 Ubuntu 20.04
latest/edge 109 22 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
latest/edge 44 16 Nov 2022
Ubuntu 22.04 Ubuntu 20.04
v2/edge 84 09 Jan 2024
Ubuntu 20.04
juju deploy nginx-ingress-integrator
Show information

Platform:

Ubuntu
22.04 20.04

How to secure an Ingress with TLS.

Requirements

You will need:

  • A laptop or desktop running Ubuntu (or you can use a VM).

  • Juju and Microk8s installed. We’ll also want to make sure the ingress add-on is enabled, which we can do by running microk8s enable ingress.

  • Charmcraft installed.

  • A working Nginx-ingress-integrator deployment.

  • Openssl installed.

Creating the TLS secret

For the sake of simplicity you’ll create a self-signed SSL certificate for the tutorial, but feel free to add SSL

certificates of other types.

For the creation of the Certificate Authority key execute:


openSSL genrsa -out ca.key 2048

And for the creation of the certificate itself:


openssl req -x509 -new -nodes -days 365 -key ca.key -out ca.crt -subj "/CN=exampledomain.com"

With the CA key and cert created, create the actual Kubernetes secret with:


microk8s kubectl create secret tls my-tls-secret --key ca.key --cert ca.crt

After the secret creation you can check the secret by running:


microk8s kubectl get secrets/my-tls-secret

microk8s kubectl describe secrets/my-tls-secret

At last, relate the nginx-ingress-integrator charm with the microk8s TLS secret by setting the config option:


juju config nginx-ingress-integrator tls-secret-name="my-tls-secret"

Now your NGINX Ingress integrator is secured with TLS.