-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
use USER env and create svc with yaml instead of expose + other changes #526
Changes from all commits
7fccd35
9510749
a0ba02c
4aeae48
8217623
eb46019
0cd6a5c
c1d7db9
2c40b90
8fcc267
89481a5
dd77b8d
59c5290
6cac131
ce46882
3436830
2bd0cc0
6531422
9832a1b
7a00943
11b1ac3
9c738db
c90fbf4
0d98c60
537d381
dc70d14
640b94a
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -26,9 +26,20 @@ You can also use Ingress to expose your Service. Ingress is not a Service type, | |
Traffic routing is controlled by rules defined on the {{% onlyWhenNot openshift %}}Ingress{{% /onlyWhenNot %}}{{% onlyWhen openshift %}}Route{{% /onlyWhen %}} resource. {{% onlyWhenNot openshift %}}An Ingress{{% /onlyWhenNot %}}{{% onlyWhen openshift %}}A Route{{% /onlyWhen %}} may be configured to give Services externally reachable URLs, load balance traffic, terminate SSL / TLS, and offer name-based virtual hosting. An Ingress controller is responsible for fulfilling the route, usually with a load balancer, though it may also configure your edge router or additional frontends to help handle the traffic. | ||
|
||
In order to create {{% onlyWhenNot openshift %}}an Ingress{{% /onlyWhenNot %}}{{% onlyWhen openshift %}}a Route{{% /onlyWhen %}}, we first need to create a Service of type [ClusterIP](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types). | ||
We're going to do this with the command `{{% param cliToolName %}} expose`: | ||
|
||
To create the Service add a new file `svc-web-go.yaml` with the following content: | ||
|
||
{{< readfile file="/content/en/docs/exposing-a-service/svc-web-go.yaml" code="true" lang="yaml" >}} | ||
|
||
And then apply the file with: | ||
|
||
```bash | ||
{{% param cliToolName %}} apply -f svc-web-go.yaml --namespace <namespace> | ||
``` | ||
|
||
There is also am imperative command to create a service and expose your application which can be used instead of the yaml file with the `{{% param cliToolName %}} apply ...` command | ||
|
||
``` | ||
{{% param cliToolName %}} expose deployment example-web-go --type=ClusterIP --name=example-web-go --port=5000 --target-port=5000 --namespace <namespace> | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. In my opinion it's important to know these helper commands as they facilitate editing resources and belong to a basics training. At a later time the resources are then saved as files in order to adopt a gitops approach. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. If I remember correctly we once discussed, that we wan't to get rid of these imperative commands. Not sure if you were involved in this discussion though. In my opinion the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We could also use There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I added the |
||
``` | ||
|
||
|
@@ -40,6 +51,7 @@ As a consequence, the `oc expose` command above doesn't add anything new but it | |
{{% /onlyWhenNot %}} | ||
{{% /onlyWhen %}} | ||
|
||
|
||
Let's have a more detailed look at our Service: | ||
|
||
```bash | ||
|
@@ -170,11 +182,11 @@ As you see in the resource definition at `spec.rules[0].http.paths[0].backend.se | |
Let's create the Ingress resource with: | ||
|
||
```bash | ||
kubectl apply -f <path to ingress.yaml> --namespace <namespace> | ||
kubectl apply -f ingress.yaml --namespace <namespace> | ||
``` | ||
|
||
{{% onlyWhenNot mobi %}} | ||
Afterwards, we are able to access our freshly created Ingress at `http://example-web-go-<namespace>.<domain>` | ||
Afterwards, we are able to access our freshly created Ingress at `http://example-web-go-<namespace>.<appdomain>` | ||
{{% /onlyWhenNot %}} | ||
{{% onlyWhen mobi %}} | ||
Afterwards, we are able to access our app via our freshly created Ingress at `https://example-web-go-<namespace>.<appdomain>`. Although we have not configured the Ingress to use TLS, it is available with a `https` address. This is because of the setup at Mobiliar and not default behavior. | ||
|
@@ -235,24 +247,42 @@ The `<appdomain>` is the default domain under which your applications will be ac | |
|
||
## {{% task %}} Expose as NodePort | ||
|
||
{{% alert title="Note" color="info" %}} | ||
This is an advanced lab, so feel free to skip this. NodePorts are usually not used for http-based applications as we use the layer 7-based Ingress resource. Only for non-http based applications, a NodePort might be a suitable alternative. | ||
{{% /alert %}} | ||
|
||
There's a second option to make a Service accessible from outside: Use a [NodePort](https://kubernetes.io/docs/concepts/services-networking/service/#nodeport). | ||
|
||
In order to switch the Service type, we are going to delete the `ClusterIP` Service that we've created before: | ||
In order to switch the Service type, change the existing `ClusterIP` Service by updating our Service definition in file `svc-web-go.yaml`to: | ||
|
||
```yaml | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
labels: | ||
app: example-web-go | ||
name: example-web-go | ||
spec: | ||
ports: | ||
- port: 5000 | ||
protocol: TCP | ||
targetPort: 5000 | ||
selector: | ||
app: example-web-go | ||
type: NodePort | ||
|
||
```bash | ||
kubectl delete service example-web-go --namespace=<namespace> | ||
``` | ||
|
||
With the following command we create a Service: | ||
And then apply again with: | ||
|
||
```bash | ||
kubectl expose deployment example-web-go --type=NodePort --name=example-web-go --port=5000 --target-port=5000 --namespace <namespace> | ||
{{% param cliToolName %}} apply -f svc-web-go.yaml --namespace <namespace> | ||
``` | ||
|
||
Let's have a more detailed look at our Service: | ||
Let's have a more detailed look at our new `NodePort` Service: | ||
|
||
```bash | ||
kubectl get services --namespace <namespace> | ||
{{% param cliToolName %}} get services --namespace <namespace> | ||
``` | ||
|
||
Which gives you an output similar to this: | ||
|
@@ -264,12 +294,6 @@ example-web-go NodePort 10.43.91.62 <none> 5000:30692/TCP | |
|
||
The `NodePort` number is assigned by Kubernetes and stays the same as long as the Service is not deleted. A NodePort Service is more suitable for infrastructure tools than for public URLs. | ||
|
||
{{% alert title="Note" color="info" %}} | ||
If `NodePort` is not supported in your environment then you can use `--type=ClusterIP` (or omit this parameter completely as it is the default) and use port forwarding to the Service instead. | ||
|
||
Head over to task 6.3 in [lab 6](../06/) to learn how to use port forwarding. | ||
{{% /alert %}} | ||
|
||
Open `http://<node-ip>:<node-port>` in your browser. | ||
You can use any node IP as the Service is exposed on all nodes using the same `NodePort`. Use `kubectl get nodes -o wide` to display the IPs (`INTERNAL-IP`) of the available nodes. | ||
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
shall I change this also for OpenShift?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What exactly?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, in the overview it didn't show the following changes. We can also change this in OpenShift, that's ok, thanks.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And this is also changed in the oc variants