taqi/homeserver
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kubernetes: updated the Readme for internal ingress controller

Browse Source
This commit is contained in:
Taqi Tahmid
2025-06-26 21:33:29 +03:00
parent 2a294eb273
commit 6bfb909431
3 changed files with 14 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
kubernetes/README.md
View File

@ -16,22 +16,24 @@ helm upgrade traefik traefik/traefik \
An additional ingress controller is deployed for internal access to services. An additional ingress controller is deployed for internal access to services.
This ingress controller is used to access services that are not exposed to the This ingress controller is used to access services that are not exposed to the
internet. It is deployed in the `internal-ingress` namespace and uses the internet. I have used the `ingress-nginx` controller for this purpose.
Traefik ingress controller.
To utilize the internal ingress controller, add the following The initial plan was to use the `traefik` ingress controller for both but due
`ingressClassName: traefik-internal` under ingress spec. to short circuit issues with the external `traefik` ingress controller, I have
switched to using `ingress-nginx` for internal access.
```bash ```bash
helm upgrade --install \ helm upgrade --install ingress-nginx ingress-nginx \
--create-namespace traefik-internal traefik/traefik \ --repo https://kubernetes.github.io/ingress-nginx \
--namespace traefik-internal \ --namespace ingress-nginx --create-namespace
-f traefik/traefik-internal/values.yaml
``` ```
The LoadBalancer service IP for the internal ingress controller is added to The LoadBalancer service IP for the internal ingress controller is added to
the adGuard DNS server to resolve the internal services. the adGuard DNS server to resolve the internal services.
To utilize the internal ingress controller, add the following
`ingressClassName: nginx` under ingress spec.
# Configure Cert Manager for automating SSL certificate handling # Configure Cert Manager for automating SSL certificate handling
Cert manager handles SSL certificate creation and renewal from Let's Encrypt. Cert manager handles SSL certificate creation and renewal from Let's Encrypt.
@ -662,7 +664,9 @@ helm install \
## Deploy MinIO Tenant ## Deploy MinIO Tenant
The MinIO tenant is deployed in the `minio` namespace. The default values The MinIO tenant is deployed in the `minio` namespace. The default values
are overridden with local values-tenant.yaml file. are overridden with local values-tenant.yaml file. The minio console is exposed
via internal ingress controller (nginx). Thus, it is only accessible from the
internal network.
```bash ```bash
source .env source .env

2
kubernetes/minio/values-tenant.yaml
View File

@ -494,7 +494,7 @@ ingress:
pathType: Prefix pathType: Prefix
console: console:
enabled: true enabled: true
ingressClassName: "traefik-internal" ingressClassName: "nginx"
labels: {} labels: {}
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.entrypoints: websecure

6
kubernetes/traefik/traefik-internal/values.yaml
View File

@ -1,6 +0,0 @@
ingressClass:
enabled: true
isDefaultClass: false
name: traefik-internal
additionalArguments:
- "--providers.kubernetesingress.ingressclass=traefik-internal"