Configuring Contour as ingress controller for OKE in 10 minutes

IT by javier mugueta

Contour is an ingress controller for Kubernetes . Here we are setting up in OKE.

Setup

Choose one of the methods explained here, we are using the 2nd option:

kubectl apply -f https://projectcontour.io/quickstart/operator.yaml

kubectl apply -f https://projectcontour.io/quickstart/contour-custom-resource.yaml

A couple of services are created in a namespace called projectcontour. In our particular use case we have modified the envoy service for creating the load balancer in an private subnet and also changed the port from 80 to 8080

k get svc -n projectcontour
 NAME      TYPE           CLUSTER-IP     EXTERNAL-IP     PORT(S)                        AGE
 contour   ClusterIP      10.96.36.80    <none>          8001/TCP                       31h
 envoy     LoadBalancer   10.96.51.209   192.168.189.2   8080:30349/TCP,443:30485/TCP   31h

If you are curious to know how to do it just edit the service and put a couple of annotations indicating to use an internal subnet.

k edit svc/envoy -n projectcontour

Similarly for the port;

So far so good. We have our ingress installed.

Now let’s create the ingress. We want to route traffic to specific services/pods depending on the path of the methods exposed in our micro services. Let’s see an example:

apiVersion: networking.k8s.io/v1beta
kind: Ingress
metadata:
  name: invictuscore
spec:
  rules:
  - http:
      paths:
# enruta al ofsagent
      - path: /ofsa
        backend:
          serviceName: ofsagent
          servicePort: 8080
# enruta al sapagent
      - path: /sapa
        backend:
          serviceName: sapagent
          servicePort: 8080
...

Ok. So now we need a guy that does some work. Let’s create a deployment and a service:

apiVersion: apps/v1
kind: Deployment
metadata:
  name:    ofsagent
spec:
  selector:
    matchLabels:
      app: ofsagent
  replicas: 1
  template:
    metadata:
      labels:
        app: ofsagent
    spec:
      containers:
      - name: ofsagent
        image: fra.ocir.io/invictusavd/invictuscore/ofsagent:1.0
        imagePullPolicy: Always
        ports:
        - containerPort: 8080
      imagePullSecrets:
      - name: k8sinvictussecret      
apiVersion: v1
kind: Service
metadata:
  name: ofsagent
spec:
  selector:
    app: ofsagent
  type: ClusterIP
  ports:
    - name: http
      port: 8080
      targetPort: 8080

So this is what we have:

A pod listening in 8080 <- a service of type ClusterIP called ofsagent exposing port 8080 and pointing to pod’s port 8080 <- an ingress routing to ofsagent port 8080 all the traffic that has path /ofsagent <- a service type Load Balancer with a listener in port 8080 (envoy) keen to serve your requests. Let’s try:

curl 192.168.189.2:8080/ofsa
hi from invictuscore - ofsagent()!!

That’s all, hope it helps!!

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.