https-nginx

command
v1.3.0-alpha.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 29, 2016 License: Apache-2.0 Imports: 8 Imported by: 0

README

WARNING WARNING WARNING WARNING WARNING

PLEASE NOTE: This document applies to the HEAD of the source tree

If you are using a released version of Kubernetes, you should refer to the docs that go with that version.

The latest release of this document can be found [here](http://releases.k8s.io/release-1.2/examples/https-nginx/README.md).

Documentation for other releases can be found at releases.k8s.io.

Nginx https service

This example creates a basic nginx https service useful in verifying proof of concept, keys, secrets, and end-to-end https service creation in kubernetes. It uses an nginx server block to serve the index page over both http and https.

Generate certificates

First generate a self signed rsa key and certificate that the server can use for TLS. This step invokes the make_secret.go script in the same directory, which uses the kubernetes api to generate a secret json config in /tmp/secret.json.

$ make keys secret KEY=/tmp/nginx.key CERT=/tmp/nginx.crt SECRET=/tmp/secret.json

Create a https nginx application running in a kubernetes cluster

You need a running kubernetes cluster for this to work.

$ kubectl create -f /tmp/secret.json
secrets/nginxsecret

$ kubectl create -f examples/https-nginx/nginx-app.yaml
services/nginxsvc
replicationcontrollers/my-nginx

$ kubectl get svc nginxsvc -o json
...
                    {
                        "name": "http",
                        "protocol": "TCP",
                        "port": 80,
                        "targetPort": 80,
                        "nodePort": 30849
                    },
                    {
                        "name": "https",
                        "protocol": "TCP",
                        "port": 443,
                        "targetPort": 443,
                        "nodePort": 30744
                    }
...

$ kubectl get nodes -o json | grep ExternalIP -A 2
...
                        "type": "ExternalIP",
                        "address": "104.197.63.17"
                    }
--
                        "type": "ExternalIP",
                        "address": "104.154.89.170"
                    }
...

$ curl https://nodeip:30744 -k
...
<title>Welcome to nginx!</title>
...

For more information on how to run this in a kubernetes cluster, please see the user-guide.

Analytics

Documentation

Overview

A small script that converts the given open ssl public/private keys to a secret that it writes to stdout as json. Most common use case is to create a secret from self signed certificates used to authenticate with a devserver. Usage: go run make_secret.go -crt ca.crt -key priv.key > secret.json

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL