Asking for help? Comment out what you need so we can get more information to help you!
Kubernetes version: 1.12.6
Cloud being used: Azure Kubernetes Service
Host OS: Terraform
CNI and version:
CRI and version:
I want to set up in one kubernetes cluster, multiples environments of some web application of this way:
dev.my-domain.orgto development environment
sandbox.my-domain.orgto the sandbox environment
production.my-domain.orgto the production environment
Currently, I have the
dev.mydomain.org of this way:
- a kong installation (include
- Kong Postgres database
- My application service installed via helm chart pulled from Azure Container Registry.
I am thinking in an implement with that same approach to sandbox and production environments each of them in their respective namespace, and I have the doubt with relation to
- Should Is there one
kong-ingress-controllerby each environment. This means:
- Should Is there just one
kong-ingress-controllerwhich works and manage all the different ingress resources existing in the different namespaces, but each domain point to the same kong-ingress-controller…? This means:
Is this possible?
I am not sure about how kong does it’s magic, but for example nginx-ingress stays in it’s own namespace and monitors each of the other namespaces. and when you configure an ingress in a namespaces it just applies the configuration (creates an ingress for that namespace) using whatever rules you set up for it. including domains.
Is the philosophy of an ingress controller is manage many domains doesn’t it?
Currently, in my dev.my-domain.org environment
my-ingress-application resource is pointing to my kong-ingress-controller, via kong-proxy public IP address:
⟩ kubectl get ingress my-ingress-application NAME HOSTS ADDRESS PORTS AGE my-ingress-application dev.mydomain.org same-IP-Address 80, 443 103m [I] ⟩ kubectl get svc/kong-proxy -n kong NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kong-proxy LoadBalancer 10.0.174.245 same-IP-Address 80:31166/TCP,443:31525/TCP 3h42m [I] ⟩
I have one doubt in order to have only one database to all these environments.
Should each of them to be configured in only one ingress resource?
This means of this way:
apiVersion: configuration.konghq.com/v1 kind: KongIngress metadata: name: kong-ingress-config namespace: default proxy: protocols: - http - https path: / route: methods: - POST - GET strip_path: false preserve_host: true --- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: my-ingress-application #namespace: default annotations: kubernetes.io/ingress.class: "kong" certmanager.k8s.io/cluster-issuer: letsencrypt-prod # letsencrypt-staging # We are indicating the KongIngress resource configuration.konghq.com: kong-ingress-config certmanager.k8s.io/acme-challenge-type: http01 kubernetes.io/tls-acme: "true" certmanager.k8s.io/acme-http01-edit-in-place: "true" spec: rules: # DEV ENVIRONMENT - host: dev.mydomain.org http: paths: - path: "/" backend: serviceName: myapp servicePort: 80 # SANDBOX ENVIRONMENT - host: sandbox.mydomain.org http: paths: - path: "/" backend: serviceName: myapp servicePort: 80 tls: - hosts: - dev.mydomain.org - sandbox.mydomain.org - production.mydomain.org secretName: letsencrypt-prod #letsencrypt-staging
So, is possible that my
my-ingress-application resource could to have multiple hosts pointing the same
kong-proxy) and using the same
Maybe something like this: ?
⟩ kubectl get ingress my-ingress-application NAME HOSTS ADDRESS PORTS AGE my-ingress-application dev.mydomain.org same-IP-Address 80, 443 103m sandbox.mydomain.org same-IP-Address 80, 443 103m production.mydomain.org same-IP-Address 80, 443 103m [I]
Could to be this a correct approach?