DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Deploy GitHub Pages

Browse source
This commit is contained in:
Travis Bot 2018-10-12 01:21:45 +00:00
parent 8125e59d3f
commit c09357b854
51 changed files with 612 additions and 5095 deletions
Download patch file Download diff file Expand all files Collapse all files

43
examples/grpc/index.html
View file

@ -596,8 +596,8 @@
<li class="md-nav__item">
<a href="../../user-guide/exposing-tcp-udp-services/" title="Exposing TCP and UDP services" class="md-nav__link">
Exposing TCP and UDP services
<a href="../../user-guide/ingress-path-matching/" title="Regular expressions in paths" class="md-nav__link">
Regular expressions in paths
</a>
</li>
@ -916,18 +916,6 @@
<li class="md-nav__item">
<a href="../customization/custom-upstream-check/" title="Custom Upstream server checks" class="md-nav__link">
Custom Upstream server checks
</a>
</li>
<li class="md-nav__item">
<a href="../customization/external-auth-headers/" title="External authentication" class="md-nav__link">
External authentication
@ -1228,51 +1216,42 @@ nginx controller.</p>
application provided here as an example. </li>
</ol>
<h3 id="step-1-kubernetes-deployment">Step 1: kubernetes <code class="codehilite">Deployment</code><a class="headerlink" href="#step-1-kubernetes-deployment" title="Permanent link">&para;</a></h3>
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span>1</pre></div></td><td class="code"><div class="codehilite"><pre><span></span>$ kubectl create -f app.yaml
<div class="codehilite"><pre><span></span>$ kubectl create -f app.yaml
</pre></div>
</td></tr></table>
<p>This is a standard kubernetes deployment object. It is running a grpc service
listening on port <code class="codehilite">50051</code>.</p>
<p>The sample application
<a href="https://github.com/kubernetes/ingress-nginx/images/grpc-fortune-teller">fortune-teller-app</a>
is a grpc server implemented in go. Here's the stripped-down implementation:</p>
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span>1
2
3
4
5
6</pre></div></td><td class="code"><div class="codehilite"><pre><span></span><span class="kd">func</span> <span class="nx">main</span><span class="p">()</span> <span class="p">{</span>
<div class="codehilite"><pre><span></span><span class="kd">func</span> <span class="nx">main</span><span class="p">()</span> <span class="p">{</span>
<span class="nx">grpcServer</span> <span class="o">:=</span> <span class="nx">grpc</span><span class="p">.</span><span class="nx">NewServer</span><span class="p">()</span>
<span class="nx">fortune</span><span class="p">.</span><span class="nx">RegisterFortuneTellerServer</span><span class="p">(</span><span class="nx">grpcServer</span><span class="p">,</span> <span class="o">&amp;</span><span class="nx">FortuneTeller</span><span class="p">{})</span>
<span class="nx">lis</span><span class="p">,</span> <span class="nx">_</span> <span class="o">:=</span> <span class="nx">net</span><span class="p">.</span><span class="nx">Listen</span><span class="p">(</span><span class="s">&quot;tcp&quot;</span><span class="p">,</span> <span class="s">&quot;:50051&quot;</span><span class="p">)</span>
<span class="nx">grpcServer</span><span class="p">.</span><span class="nx">Serve</span><span class="p">(</span><span class="nx">lis</span><span class="p">)</span>
<span class="p">}</span>
</pre></div>
</td></tr></table>
<p>The takeaway is that we are not doing any TLS configuration on the server (as we
are terminating TLS at the ingress level, grpc traffic will travel unencrypted
inside the cluster and arrive "insecure").</p>
<p>For your own application you may or may not want to do this. If you prefer to
forward encrypted traffic to your POD and terminate TLS at the gRPC server
itself, add the ingress annotation <code class="codehilite">nginx.ingress.kubernetes.io/secure-backends:&quot;true&quot;</code>.</p>
itself, add the ingress annotation <code class="codehilite">nginx.ingress.kubernetes.io/backend-protocol: &quot;GRPCS&quot;</code>.</p>
<h3 id="step-2-the-kubernetes-service">Step 2: the kubernetes <code class="codehilite">Service</code><a class="headerlink" href="#step-2-the-kubernetes-service" title="Permanent link">&para;</a></h3>
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span>1</pre></div></td><td class="code"><div class="codehilite"><pre><span></span>$ kubectl create -f svc.yaml
<div class="codehilite"><pre><span></span>$ kubectl create -f svc.yaml
</pre></div>
</td></tr></table>
<p>Here we have a typical service. Nothing special, just routing traffic to the
backend application on port <code class="codehilite">50051</code>.</p>
<h3 id="step-3-the-kubernetes-ingress">Step 3: the kubernetes <code class="codehilite">Ingress</code><a class="headerlink" href="#step-3-the-kubernetes-ingress" title="Permanent link">&para;</a></h3>
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span>1</pre></div></td><td class="code"><div class="codehilite"><pre><span></span>$ kubectl create -f ingress.yaml
<div class="codehilite"><pre><span></span>$ kubectl create -f ingress.yaml
</pre></div>
</td></tr></table>
<p>A few things to note:</p>
<ol>
<li>We've tagged the ingress with the annotation
<code class="codehilite">nginx.ingress.kubernetes.io/grpc-backend: &quot;true&quot;</code>. This is the magic
<code class="codehilite">nginx.ingress.kubernetes.io/backend-protocol: &quot;GRPC&quot;</code>. This is the magic
ingredient that sets up the appropriate nginx configuration to route http/2
traffic to our service.</li>
<li>We're terminating TLS at the ingress and have configured an SSL certificate
@ -1284,15 +1263,11 @@ backend application on port <code class="codehilite">50051</code>.</p>
<p>Once we've applied our configuration to kubernetes, it's time to test that we
can actually talk to the backend. To do this, we'll use the
<a href="https://github.com/fullstorydev/grpcurl">grpcurl</a> utility:</p>
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span>1
2
3
4</pre></div></td><td class="code"><div class="codehilite"><pre><span></span>$ grpcurl fortune-teller.stack.build:443 build.stack.fortune.FortuneTeller/Predict
<div class="codehilite"><pre><span></span>$ grpcurl fortune-teller.stack.build:443 build.stack.fortune.FortuneTeller/Predict
<span class="o">{</span>
<span class="s2">&quot;message&quot;</span>: <span class="s2">&quot;Let us endeavor so to live that when we come to die even the undertaker will be sorry.\n\t\t-- Mark Twain, \&quot;Pudd&#39;nhead Wilson&#39;s Calendar\&quot;&quot;</span>
<span class="o">}</span>
</pre></div>
</td></tr></table>
<h3 id="debugging-hints">Debugging Hints<a class="headerlink" href="#debugging-hints" title="Permanent link">&para;</a></h3>
<ol>