Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Multiple Ingress on GKE

Gavin Zhou
April 21, 2017
Technology
0
1.8k

Multiple Ingress on GKE

Multiple Ingress traefik & nginx on GKE

Gavin Zhou

April 21, 2017
Tweet

More Decks by Gavin Zhou

See All by Gavin Zhou
Prometheus Operator
gavinzhou
3
1.2k
Other ingress voyager
gavinzhou
0
170
kubernetes chatops
gavinzhou
0
570
Building Minimal Docker Containers
gavinzhou
0
1.2k

Other Decks in Technology

See All in Technology
Classmethod AI Talks(CATs) #21 司会進行スライド(2025.04.17) / classmethod-ai-talks-aka-cats_moderator-slides_vol21_2025-04-17
shinyaa31
0
440
SREが実現する開発者体験の革新
sansantech
PRO
0
160
やさしいMCP入門
minorun365
PRO
147
95k
技術者はかっこいいものだ!!~キルラキルから学んだエンジニアの生き方~
masakiokuda
2
110
アジャイル脅威モデリング#1(脅威モデリングナイト#8)
masakane55
3
160
SRE NEXT CfP チームが語る 聞きたくなるプロポーザルとは / Proposals by the SRE NEXT CfP Team that are sure to be accepted
chaspy
1
570
ゆるくVPC Latticeについてまとめてみたら、意外と奥深い件
masakiokuda
2
230
Cursor AgentによるパーソナルAIアシスタント育成入門―業務のプロンプト化・MCPの活用
os1ma
8
3k
GitHub MCP Serverを使って Pull Requestを作る、レビューする
hiyokose
2
710
Creating Awesome Change in SmartNews
martin_lover
1
240
クォータ監視、AWS Organizations環境でも楽勝です✌️
iwamot
PRO
1
240
Lightdashの利活用状況 ー導入から2年経った現在地_20250409
hirokiigeta
2
270

Featured

See All Featured
Designing for humans not robots
tammielis
252
25k
A Modern Web Designer's Workflow
chriscoyier
693
190k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
666
120k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
13
660
Statistics for Hackers
jakevdp
798
220k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
331
21k
How GitHub (no longer) Works
holman
314
140k
Automating Front-end Workflow
addyosmani
1369
200k
Reflections from 52 weeks, 52 projects
jeffersonlam
349
20k
Site-Speed That Sticks
csswizardry
5
480
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
23
2.6k

Transcript

  1. Multiple Ingress on GKE Orangesys Inc.

  2. $Who am I Orangesys Inc. Tachibana Shuji Twitter @gavinzhm https://github.com/orangesys

    Running

  3. Orangesys Inc. SaaS監視システム @orangesysio https://orangesys.io

  4. None
  5. None

  6. Orangesys • Kubernetes on GKE • OpsDev -> NoOps Architecture

  7. Architecture: Orangesys > Kubernetes Apigateway Namespace Cloud Load Balancing Standard

    Devices HTTPS Browser Client Production Namespace Kube-system Namespace Tiller Replication Controller Grafana Container Engine Replication Controller Influxdb Container Engine Replication Controller Corporate Site App Engine Autoscaling Orangesys Firebase Autoscaling Monitoring Namespace Prometheus RC Influxdb RC Grafana RC Opsbot Namespace Kubebot RC K8s-event RC Stripe Server Api Container Engine Replication Controller PostgresSQL Container Engine Replication Controller MariaDb Container Engine Replication Controller Nginx Container Engine Replication Controller Traefik Container Engine Replication Controller Server Telegraf Ingress Container Engine Replication Controller Kong ApiGateway Container Engine Replication Controller Kubenetes API Replication Controller SSL Cert Bot Replication Controller Orange Api Container Engine Replication Controller

  8. Technology Stack

  9. Agenda • Traefik ingress • Nginx ingress

  10. Why other ingress?! • Wildcard Host not support • Multi

    TLS not support • Cross-namespace not support • http -> https redirect • GCPLB、20$/m

  11. Traefik ingress 設定簡単、監視 Dashboardがある

  12. Nginx ingress • Basic Auth support • Rewrite support •

    Redirect support

  13. Topic • TLS secret 名前は tls.crt/tls.key • Ingress http通信禁止できる、redirectできない ◦ ingress.kubernetes.io/ssl-redirect:

    "false" • Kubernetes Certificate Managerを利用すると、letsencrypt証明証設定が簡単 • Helm https://github.com/orangesys