Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Multiple Ingress on GKE
Search
Gavin Zhou
April 21, 2017
Technology
1.9k
0
Share
Multiple Ingress on GKE
Multiple Ingress traefik & nginx on GKE
Gavin Zhou
April 21, 2017
More Decks by Gavin Zhou
See All by Gavin Zhou
Prometheus Operator
gavinzhou
3
1.3k
Other ingress voyager
gavinzhou
0
190
kubernetes chatops
gavinzhou
0
620
Building Minimal Docker Containers
gavinzhou
0
1.3k
Other Decks in Technology
See All in Technology
スクラムを支える内部品質の話
iij_pr
0
260
AIドリブン開発の実践知 ― AI-DLC Unicorn Gym実施から見えた可能性と課題
mixi_engineers
PRO
0
110
やさしいとこから始めるGitHubリポジトリのセキュリティ
tsubakimoto_s
3
2.2k
ADOTで始めるサーバレスアーキテクチャのオブザーバビリティ
alchemy1115
2
130
Oracle Cloud Infrastructure(OCI):Onboarding Session(はじめてのOCI/Oracle Supportご利⽤ガイド)
oracle4engineer
PRO
2
17k
「できない」のアウトプット 同人誌『精神を壊してからの』シリーズ出版を 通して得られたこと
comi190327
3
570
Strands Agents × Amazon Bedrock AgentCoreで パーソナルAIエージェントを作ろう
yokomachi
2
140
Datadog で実現するセキュリティ対策 ~オブザーバビリティとセキュリティを 一緒にやると何がいいのか~
a2ush
0
190
仕様通り動くの先へ。Claude Codeで「使える」を検証する
gotalab555
6
2k
機能・非機能の学びを一つに!Agent Skillsで月間レポート作成始めてみた / Unifying Bug & Infra Insights — Building Monthly Quality Reports with Agent Skills
bun913
5
2.9k
パワポ作るマンをMCP Apps化してみた
iwamot
PRO
0
300
組織的なAI活用を阻む 最大のハードルは コンテキストデザインだった
ixbox
1
440
Featured
See All Featured
Context Engineering - Making Every Token Count
addyosmani
9
790
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
baasie
0
280
Optimizing for Happiness
mojombo
378
71k
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
techseoconnect
PRO
0
140
The Mindset for Success: Future Career Progression
greggifford
PRO
0
300
Navigating the moral maze — ethical principles for Al-driven product design
skipperchong
2
320
Product Roadmaps are Hard
iamctodd
PRO
55
12k
Test your architecture with Archunit
thirion
1
2.2k
Visualization
eitanlees
150
17k
Faster Mobile Websites
deanohume
310
31k
Lessons Learnt from Crawling 1000+ Websites
charlesmeaden
PRO
1
1.2k
Unlocking the hidden potential of vector embeddings in international SEO
frankvandijk
0
420
Transcript
Multiple Ingress on GKE Orangesys Inc.
$Who am I Orangesys Inc. Tachibana Shuji Twitter @gavinzhm https://github.com/orangesys
Running
Orangesys Inc. SaaS監視システム @orangesysio https://orangesys.io
None
None
Orangesys • Kubernetes on GKE • OpsDev -> NoOps Architecture
Architecture: Orangesys > Kubernetes Apigateway Namespace Cloud Load Balancing Standard
Devices HTTPS Browser Client Production Namespace Kube-system Namespace Tiller Replication Controller Grafana Container Engine Replication Controller Influxdb Container Engine Replication Controller Corporate Site App Engine Autoscaling Orangesys Firebase Autoscaling Monitoring Namespace Prometheus RC Influxdb RC Grafana RC Opsbot Namespace Kubebot RC K8s-event RC Stripe Server Api Container Engine Replication Controller PostgresSQL Container Engine Replication Controller MariaDb Container Engine Replication Controller Nginx Container Engine Replication Controller Traefik Container Engine Replication Controller Server Telegraf Ingress Container Engine Replication Controller Kong ApiGateway Container Engine Replication Controller Kubenetes API Replication Controller SSL Cert Bot Replication Controller Orange Api Container Engine Replication Controller
Technology Stack
Agenda • Traefik ingress • Nginx ingress
Why other ingress?! • Wildcard Host not support • Multi
TLS not support • Cross-namespace not support • http -> https redirect • GCPLB、20$/m
Traefik ingress 設定簡単、監視 Dashboardがある
Nginx ingress • Basic Auth support • Rewrite support •
Redirect support
Topic • TLS secret 名前は tls.crt/tls.key • Ingress http通信禁止できる、redirectできない ◦ ingress.kubernetes.io/ssl-redirect:
"false" • Kubernetes Certificate Managerを利用すると、letsencrypt証明証設定が簡単 • Helm https://github.com/orangesys
gavinzhou
iij_pr
mixi_engineers
tsubakimoto_s
alchemy1115
oracle4engineer
comi190327
yokomachi
a2ush
gotalab555
bun913
iwamot
ixbox
addyosmani
baasie
mojombo
techseoconnect
greggifford
skipperchong
iamctodd
thirion
eitanlees
deanohume
charlesmeaden
frankvandijk
