Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Multiple Ingress on GKE
Search
Gavin Zhou
April 21, 2017
Technology
0
1.8k
Multiple Ingress on GKE
Multiple Ingress traefik & nginx on GKE
Gavin Zhou
April 21, 2017
Tweet
Share
More Decks by Gavin Zhou
See All by Gavin Zhou
Prometheus Operator
gavinzhou
3
1.2k
Other ingress voyager
gavinzhou
0
160
kubernetes chatops
gavinzhou
0
540
Building Minimal Docker Containers
gavinzhou
0
1.1k
Other Decks in Technology
See All in Technology
C++26 エラー性動作
faithandbrave
2
730
re:Invent をおうちで楽しんでみた ~CloudWatch のオブザーバビリティ機能がスゴい!/ Enjoyed AWS re:Invent from Home and CloudWatch Observability Feature is Amazing!
yuj1osm
0
120
小学3年生夏休みの自由研究「夏休みに Copilot で遊んでみた」
taichinakamura
0
150
バクラクのドキュメント解析技術と実データにおける課題 / layerx-ccc-winter-2024
shimacos
2
1.1k
プロダクト開発を加速させるためのQA文化の築き方 / How to build QA culture to accelerate product development
mii3king
1
260
KubeCon NA 2024 Recap / Running WebAssembly (Wasm) Workloads Side-by-Side with Container Workloads
z63d
1
250
コンテナセキュリティのためのLandlock入門
nullpo_head
2
320
どちらを使う?GitHub or Azure DevOps Ver. 24H2
kkamegawa
0
780
大幅アップデートされたRagas v0.2をキャッチアップ
os1ma
2
530
2024年にチャレンジしたことを振り返るぞ
mitchan
0
140
ゼロから創る横断SREチーム 挑戦と進化の軌跡
rvirus0817
2
270
Storage Browser for Amazon S3
miu_crescent
1
140
Featured
See All Featured
Navigating Team Friction
lara
183
15k
Git: the NoSQL Database
bkeepers
PRO
427
64k
RailsConf 2023
tenderlove
29
940
Bash Introduction
62gerente
608
210k
Optimising Largest Contentful Paint
csswizardry
33
3k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
29
2k
Speed Design
sergeychernyshev
25
670
XXLCSS - How to scale CSS and keep your sanity
sugarenia
247
1.3M
Optimizing for Happiness
mojombo
376
70k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
28
4.4k
A Modern Web Designer's Workflow
chriscoyier
693
190k
Into the Great Unknown - MozCon
thekraken
33
1.5k
Transcript
Multiple Ingress on GKE Orangesys Inc.
$Who am I Orangesys Inc. Tachibana Shuji Twitter @gavinzhm https://github.com/orangesys
Running
Orangesys Inc. SaaS監視システム @orangesysio https://orangesys.io
None
None
Orangesys • Kubernetes on GKE • OpsDev -> NoOps Architecture
Architecture: Orangesys > Kubernetes Apigateway Namespace Cloud Load Balancing Standard
Devices HTTPS Browser Client Production Namespace Kube-system Namespace Tiller Replication Controller Grafana Container Engine Replication Controller Influxdb Container Engine Replication Controller Corporate Site App Engine Autoscaling Orangesys Firebase Autoscaling Monitoring Namespace Prometheus RC Influxdb RC Grafana RC Opsbot Namespace Kubebot RC K8s-event RC Stripe Server Api Container Engine Replication Controller PostgresSQL Container Engine Replication Controller MariaDb Container Engine Replication Controller Nginx Container Engine Replication Controller Traefik Container Engine Replication Controller Server Telegraf Ingress Container Engine Replication Controller Kong ApiGateway Container Engine Replication Controller Kubenetes API Replication Controller SSL Cert Bot Replication Controller Orange Api Container Engine Replication Controller
Technology Stack
Agenda • Traefik ingress • Nginx ingress
Why other ingress?! • Wildcard Host not support • Multi
TLS not support • Cross-namespace not support • http -> https redirect • GCPLB、20$/m
Traefik ingress 設定簡単、監視 Dashboardがある
Nginx ingress • Basic Auth support • Rewrite support •
Redirect support
Topic • TLS secret 名前は tls.crt/tls.key • Ingress http通信禁止できる、redirectできない ◦ ingress.kubernetes.io/ssl-redirect:
"false" • Kubernetes Certificate Managerを利用すると、letsencrypt証明証設定が簡単 • Helm https://github.com/orangesys
gavinzhou
faithandbrave
yuj1osm
taichinakamura
shimacos
mii3king
z63d
nullpo_head
kkamegawa
os1ma
mitchan
rvirus0817
miu_crescent
lara
bkeepers
tenderlove
62gerente
csswizardry
jcasabona
sergeychernyshev
sugarenia
mojombo
kevinliebholz
chriscoyier
thekraken
