Create an ingress

We recommend that ingresses are created via the Cockpit. If you would like to manually create an ingress, please first contact support before continuing with these instructions.

To create an ingress for each public:

  1. Log in into your rancher account and click the "Import YAML" button:

    rancher import

  2. From the Import YAML screen, enter the following to create the service:

    apiVersion: v1
    kind: Service
    metadata:
      name: esservices-dev-magnolia-helm-public-svc-0 (1)
      namespace: esservices-dev (2)
    spec:
      clusterIP: None
      clusterIPs:
        - None
      ports:
        - name: tomcat
          port: 8080
          targetPort: 8080
      selector:
        statefulset.kubernetes.io/pod-name: esservices-dev-magnolia-helm-public-0 (3)
    1 Give a name to the service.
    2 Specify the namespace to create the service.
    3 The name of your public pod.
  3. Then, you need to create the ingress.

    Again you need to import a new yaml with the Import YAML screen:

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      annotations:
        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/proxy-body-size: 512m
        cert-manager.io/cluster-issuer: "letsencrypt-prod-dns"
        nginx.ingress.kubernetes.io/configuration-snippet: | (1)
          more_set_headers "X-Robots-Tag: noindex, nofollow";
          more_set_headers "X-Upstream $upstream_addr";
      name: public-0 (2)
      namespace: esservices-dev (3)
    spec:
      rules:
      - host: public-0.esservices-dev.eu-playground.magnolia-platform.com (4)
        http:
          paths:
          - backend:
              service:
                name: esservices-dev-magnolia-helm-public-svc-0 (5)
                port:
                  name: tomcat
            path: /
            pathType: ImplementationSpecific
      tls:
      - hosts:
        - public-0.esservices-dev.eu-playground.magnolia-platform.com (4)
        secretName: public-0.esservices-dev.eu-playground.magnolia-platform.com (6)
    1 Generally, you shouldn’t use configuration-snippet(s). Use the configuration-snippet exactly as instructed for this example. Otherwise, you may cause issues with your PaaS deployment.
    2 Name of the ingress: you should give a name for the ingress.
    3 Namespace: namespace to create the ingress.
    4 Host: host to access to the specific public.
    5 Name of the service: it must be equal to the one created in the previous step.
    6 Secret Name: secret for access to the public.
ingress url
An ingress is born!

Now, you can see the services created with the urls for each public. You just need to repeat the previous steps for your other public(s).

Set up a wildcard ingress

Use case

You have multiple subdomains in the cluster, but you want to keep it simple at the CDN level.

Instructions

  1. Install an mt-operator version v0.1.7+.

  2. Configure a wildcard ingress with the CDN annotation like the example here.

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      annotations:
        cert-manager.io/cluster-issuer: letsencrypt-prod-dns
        magnolia.info/cdn-provider: fastly (1)
        kubernetes.io/ingress.class: nginx
        nginx.ingress.kubernetes.io/from-to-www-redirect: '"true"'
      name: opera-wildcard
      namespace: integration
    spec:
      rules:
        - host: '*.opera.mplatform.int.magnolia-platform.com'
          http:
            paths:
              - backend:
                  service:
                    name: integration-magnolia-helm-public-svc
                    port:
                      name: http
                pathType: ImplementationSpecific
      tls:
        - hosts:
            - '*.opera.mplatform.int.magnolia-platform.com'
          secretName: opera-wildcard (2)
    1 The CDN provider.
    2 The secretName.
  3. Ensure the secretName from the new wildcard ingress is the same one used in the main ingress containing all subdomains except the wildcard domain itself.

    tls:
        - hosts:
            - test1.opera.mplatform.int.magnolia-platform.com
            - test1.test.opera.mplatform.int.magnolia-platform.com
            - test2.test.opera.mplatform.int.magnolia-platform.com
          secretName: opera-wildcard (1)
    1 The secretName.
The DNS server must be pointed to the wildcard domain.

Further reading

This page covers creating a basic ingress. For more examples of manually creating an ingress, see:

Feedback

PaaS

×

Location

This widget lets you know where you are on the docs site.

You are currently perusing through the Magnolia PaaS docs.

Main doc sections

DX Core Headless PaaS Legacy Cloud Incubator modules