Wowwww this is really incredible. No fuss, no lags, no spins.... No blah blah blah ....STRAIGHT ARROW ONTO TARGET. Crystal clear and this so easy felt like drinking a starbucks coffee.. super man and thank you very much.
Nice! A couple of words. I needed to play again and again because you go too fast, but may be its a very personal appreciation. However, after not having clear what the documentation means in the TLS subject, you helped me. Thanyou!.
Thank you so much for saving my life:), this video really helped me a lot , the funny part this video has only 558 viewers, while my son watching toys hot wheels videos each one has over million views :)
Just a quick heads-up to anyone following this tutorial line-by-line without thinking: at 4:50 he writes a > while he should have written >>. Having only a single > will overwrite your hosts file, which is pretty undesirable.
Very good video. I have added tls to ingress and all external requests are protected. Could you tell how set up tls for internal k8s connection? For example I have auth service that available outhside and inside of k8s.
would be great if you could update this: `error: unable to recognize "base-notebook/ingress.yml": no matches for kind "Ingress" in version "extensions/v1beta1"`
This will only run on my local, right? How can I make it publicly accessible? I want my load balancer service to be accessed publicly with https. I have my application running on kubernetes
Yes, the Ingress controller decrypts https to http, so you would tall to your internal services in cleartext http. The way that is ussualy said is "The Ingress Controller does TLS termination." If you really want TLS between your services, then you can use a service mesh like LinkerD or Istio, but even then, it looks to your application as if you're speaking plain text.
@@sasyachowdary3144 As I said in the previous comment, LinkerD and Istio do TLS all the way to the pod. Within the pod, a sidecar container running an layer 7 proxy (fancy way of saying "understands application protocols like your database and http, etc.") is given all network traffic, and it encrypts and decrypts all traffic entering and leaving the pod. That's called mTLS or "mutual TLS". Installing LinkerD or Istio is easy, but not something that can fit in a comment here. Also, something important to note, in the case of Istio you would use a Gateway and VirtualService instead of an Ingress object.
hi thanks for posting this video. i tried following and got everything working up to the point where you access the web server thru the browser. I am getting ```uses an invalid security certificate. The certificate is not trusted because it is self-signed. Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT```. When I curl it using those -k and --cacert flags it works fine, I can see the HTML content. What am I doing wrong?
Hi, I have a cluster of 2 worker node and a master. Now when I create an entry of example.com in the /etc/hosts, which IP should I populate in that. Is it of worker-1 or worker-2 or K8s Master
Hi! i tried following the instructions but i don't think my ingress is communicating with my service. I'm doing it in a kubernetes cluster 1 master and 1 worker node. Do i have to install anything like what you did for the minikube for the real cluster? im using kubeadm, and flannel for networking Name: nginx Namespace: default Address: Default backend: default-http-backend:80 () Rules: Host Path Backends ---- ---- -------- ghost.whitecloak.io / nginx:80 () Annotations: kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"extensions/v1beta1","kind":"Ingress","metadata":{"annotations":{"kubernetes.io/ingress.class":"nginx"},"name":"nginx","namespace":"default"},"spec":{"rules":[{"host":"ghost.whitecloak.io","http":{"paths":[{"backend":{"serviceName":"nginx","servicePort":80},"path":"/"}]}}]}} kubernetes.io/ingress.class: nginx --- NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE nginx ClusterIP 10.111.219.92 80/TCP 55m
Hi, I've created ingress but when I type "kubectl get ing" I can't see adress ip of my ingress. What shall I do? Is there option to use ingress without adress ip?
This depends on the type of cluster you are using. On GKE for example you automatically get external loadbalancers on your ingresses, that's the IP shown. If you're running on minikube or a custom on-premise cluster for example, you might not get those.
Oh, and btw, I just found that post that contains many of the commands, plus a few interesting bits : vocon-it.com/2018/12/31/kubernetes-6-https-applications-via-ingress-controller-on-minikube/
Great video and explanation. Any chance you have an updated one with "networking.k8s.io/v1 Ingress" since extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+