Skip to content
/ ingress-1 Public
forked from caddyserver/ingress

WIP Caddy 2 ingress controller for Kubernetes

License

Apache-2.0 license
0 stars 66 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bowei/ingress-1

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
.github/workflows
.github/workflows
 
 
cmd/caddy
cmd/caddy
 
 
hack/test
hack/test
 
 
internal
internal
 
 
kubernetes
kubernetes
 
 
pkg/storage
pkg/storage
 
 
.gitignore
.gitignore
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
Dockerfile
Dockerfile
 
 
LICENSE.txt
LICENSE.txt
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
skaffold.yaml
skaffold.yaml
 
 

Repository files navigation

Caddy Ingress Controller

This is the Kubernetes Ingress Controller for Caddy. It includes functionality for monitoring Ingress resources on a Kubernetes cluster and includes support for providing automatic HTTPS certificates for all hostnames defined in ingress resources that it is managing.

The community is looking for maintainers with Kubernetes experience who can commit to help finish the development of this tool. Please get involved!

Cloud Provider Setup (AWS, GCLOUD, ETC...)

In the Kubernetes folder a Helm Chart is provided to make installing the Caddy Ingress Controller on a Kubernetes cluster straight forward. To install the Caddy Ingress Controller adhere to the following steps:

  1. Create a new namespace in your cluster to isolate all Caddy resources.
  kubectl apply -f ./kubernetes/deploy/00_namespace.yaml
  1. Install the Helm Chart. (If you do not want automatic https set autotls to false and do not include your email address as a value to the helm chart.)
  helm template \
    --namespace=caddy-system ./kubernetes/helm/caddyingresscontroller/ \
    --set autotls=true \
    --set email=youremail@test.com | kubectl apply -f -

The helm chart will create a service of type LoadBalancer in the caddy-system namespace on your cluster. You'll want to set any DNS records for accessing this cluster to the external IP address of this LoadBalancer when the external IP is provisioned by your cloud provider.

You can get the external IP address with kubectl get svc -n caddy-system

Debugging

To view any logs generated by Caddy or the Ingress Controller you can view the pod logs of the Caddy Ingress Controller.

Get the pod name with:

  kubectl get pods -n caddy-system

View the pod logs:

kubectl logs <pod-name> -n caddy-system

Automatic HTTPS

By default, any hosts defined in an ingress resource will configure caddy to automatically get certificates from let's encrypt and will serve your side over HTTPS.

To disable automattic https you can set the argument tls on the caddy ingress controller to false.

Example:

Add args tls=false to the deployment.

  args:
    - -tls=false

Bringing Your Own Certificates

If you would like to disable automatic HTTPS for a specific host and use your own certificates you can create a new TLS secret in Kubernetes and define what certificates to use when serving your application on the ingress resource.

Example:

Create TLS secret mycerts, where ./tls.key and ./tls.crt are valid certificates for test.com.

kubectl create secret tls mycerts --key ./tls.key --cert ./tls.crt

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: example
  annotations:
    kubernetes.io/ingress.class: caddy
spec:
  rules:
  - host: test.com
    http:
      paths:
      - path: /
        backend:
          serviceName: test
          servicePort: 8080
  tls:
  - hosts:
    - test.com
    secretName: mycerts # use mycerts for host test.com

About

WIP Caddy 2 ingress controller for Kubernetes

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Go 98.5%
  • Dockerfile 1.2%
  • Makefile 0.3%