Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ericflo/kube-http-proxy
Easily run a reverse proxy for all your Kubernetes http and https traffic.
https://github.com/ericflo/kube-http-proxy
Last synced: 11 days ago
JSON representation
Easily run a reverse proxy for all your Kubernetes http and https traffic.
- Host: GitHub
- URL: https://github.com/ericflo/kube-http-proxy
- Owner: ericflo
- Created: 2015-08-11T09:29:27.000Z (over 9 years ago)
- Default Branch: master
- Last Pushed: 2015-08-11T10:12:30.000Z (over 9 years ago)
- Last Synced: 2024-08-02T14:08:38.452Z (4 months ago)
- Language: Go
- Size: 301 KB
- Stars: 1
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# kube-http-proxy
Easily run a reverse proxy for all your Kubernetes http and https traffic.
## Quick Start
First deploy a demo http server that we can proxy back to:
```console
kubectl run httpdemo --image=nginx --port=80
```
Now attach a service to it so that we can communicate with it (note that the
demo http server is serving on port 80, but we're exposing it on port 9090):
```console
kubectl expose rc httpdemo --port=9090 --target-port=80 --type=LoadBalancer
```
Here's an example YAML file for how we'd configure kube-http-proxy, save this
as `kube-http-proxy-rc.yml`:
```yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: kube-http-proxy
labels:
name: kube-http-proxy
spec:
replicas: 1
selector:
name: kube-http-proxy
template:
metadata:
labels:
name: kube-http-proxy
spec:
containers:
- name: kube-http-proxy
image: ericflo/kube-http-proxy:latest
ports:
- name: http
containerPort: 80
args:
- --domain=HTTPDEMO="example.com"
- --domain=HTTPDEMO="www.example.com"
```
So we can load that up:
```console
kubectl create -f kube-http-proxy-rc.yml
```
Finally we can expose the http proxy:
```console
kubectl expose rc kube-http-proxy --port=80 --type=LoadBalancer
```
## Enabling SSL
Easy, just mount a certificate at `/etc/kube-http-proxy/certs/ssl.crt` and
your key at `/etc/kube-http-proxy/certs/ssl.key` and then make sure to expose
port 443 in the proxy service. Here's how that would look:
```yaml
apiVersion: v1
kind: Secret
metadata:
name: ssl-cert-secret
type: Opaque
data:
ssl.crt: BASE64_ENCODED_SSL_CERTIFICATE
ssl.key: BASE64_ENCODED_SSL_KEY
```
```yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: kube-http-proxy
labels:
name: kube-http-proxy
spec:
replicas: 1
selector:
name: kube-http-proxy
template:
metadata:
labels:
name: kube-http-proxy
spec:
containers:
- name: kube-http-proxy
image: ericflo/kube-http-proxy:latest
ports:
- name: http
containerPort: 80
args:
- --domain=HTTPDEMO="example.com"
- --domain=HTTPDEMO="www.example.com"
volumeMounts:
- mountPath: /etc/kube-http-proxy/certs
name: ssl-cert-vol
readOnly: true
volumes:
- name: ssl-cert-vol
secret:
secretName: ssl-cert-secret
```
```yaml
kind: Service
apiVersion: v1
metadata:
name: kube-http-proxy
spec:
selector:
name: kube-http-proxy
ports:
- name: http
port: 80
targetPort: 80
- name: https
port: 443
targetPort: 443
type: LoadBalancer
```