ingress

Recently I needed to test the full HTTP stack between a Kubernetes cluster's member nodes and an external Internet routing setup, and so I wanted to quickly install K3s (which includes Traefik by default, and load balances through ports 80 and 443 on all nodes), then get a quick 'hello world' web page up, so I could see if the traffic was routing properly all the way from the external host through to a running container exposed via Traefik Ingress.

Here's how I set up a basic 'Hello World' web page on my K3s cluster:

First, I created an HTML file to be stored as a ConfigMap. Create a file named index.html with the following contents:

<html>
<head>
  <title>Hello World!</title>
</head>
<body>Hello World!</body>
</html>

Create a ConfigMap with the HTML from the file you just created:

$ kubectl create configmap hello-world --from-file index.html

Save the following to Kubernetes resource definitions into a file named hello-world.yml:

Update: In the comments, the following one-liner is suggested by Matt T if you have jq installed (a handy utility if there ever was one!):

kubectl get secret my-secret -o json | jq '.data | map_values(@base64d)'

I figured it would be handy to have a quick reference for this, since I'll probably forget certain secrets many, many times in the future (I'm like that, I guess):

I have a Kubernetes Secret used for Traefik ingress basic HTTP authentication (using annotation ingress.kubernetes.io/auth-secret), and as an admin with kubectl access, I want to see (or potentially modify) its structure.

Let's say the Secret is in namespace testing, and is named test-credentials. To get the value of the basic auth credentials I do:

kubectl get secret test-credentials -n testing -o yaml

This spits out the Kubernetes object definition, including a field like:

data:
  auth: [redacted base64-encoded string]

So then I copy out that string and decode it:

In a Kubernetes cluster I'm building, I was quite puzzled when setting up Ingress for one of my applications—in this case, Jenkins.

I had created a Deployment for Jenkins (in the jenkins namespace), and an associated Service, which exposed port 80 on a ClusterIP. Then I added an Ingress resource which directed the URL jenkins.example.com at the jenkins Service on port 80.

Inspecting both the Service and Ingress resource with kubectl get svc -n jenkins and kubectl get ingress -n jenkins, respectively, showed everything seemed to be configured correctly: