Nginx Ingress Integrator
- Canonical IS DevOps
Channel | Revision | Published | Runs on |
---|---|---|---|
latest/stable | 131 | 10 Dec 2024 | |
latest/stable | 130 | 10 Dec 2024 | |
latest/stable | 101 | 28 May 2024 | |
latest/edge | 133 | 18 Dec 2024 | |
latest/edge | 132 | 18 Dec 2024 | |
latest/edge | 109 | 22 Jul 2024 | |
latest/edge | 44 | 16 Nov 2022 | |
v2/edge | 84 | 09 Jan 2024 |
juju deploy nginx-ingress-integrator
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
How to secure an Ingress with TLS.
Requirements
You will need:
-
A laptop or desktop running Ubuntu (or you can use a VM).
-
Juju and Microk8s installed. We’ll also want to make sure the ingress add-on is enabled, which we can do by running
microk8s enable ingress
. -
Charmcraft installed.
-
A working Nginx-ingress-integrator deployment.
-
Openssl installed.
Creating the TLS secret
For the sake of simplicity you’ll create a self-signed SSL certificate for the tutorial, but feel free to add SSL
certificates of other types.
For the creation of the Certificate Authority key execute:
openSSL genrsa -out ca.key 2048
And for the creation of the certificate itself:
openssl req -x509 -new -nodes -days 365 -key ca.key -out ca.crt -subj "/CN=exampledomain.com"
With the CA key and cert created, create the actual Kubernetes secret with:
microk8s kubectl create secret tls my-tls-secret --key ca.key --cert ca.crt
After the secret creation you can check the secret by running:
microk8s kubectl get secrets/my-tls-secret
microk8s kubectl describe secrets/my-tls-secret
At last, relate the nginx-ingress-integrator charm with the microk8s TLS secret by setting the config option:
juju config nginx-ingress-integrator tls-secret-name="my-tls-secret"
Now your NGINX Ingress integrator is secured with TLS.