Create an ingress

To create an ingress for each public:

  1. Log in into your rancher account and click the "Import YAML" button:

    rancher import

  2. From the Import YAML screen, enter the following to create the service:

    apiVersion: v1
kind: Service
metadata:
  name: esservices-dev-magnolia-helm-public-svc-0 (1)
  namespace: esservices-dev (2)
spec:
  clusterIP: None
  clusterIPs:
    - None
  ports:
    - name: tomcat
      port: 8080
      targetPort: 8080
  selector:
    statefulset.kubernetes.io/pod-name: esservices-dev-magnolia-helm-public-0 (3)
    1 Give a name to the service.
    2 Specify the namespace to create the service.
    3 The name of your public pod.

  3. Then, you need to create the ingress.

    Again you need to import a new yaml with the Import YAML screen:

    apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/proxy-body-size: 512m
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/configuration-snippet: | (1)
      more_set_headers "X-Robots-Tag: noindex, nofollow";
      more_set_headers "X-Upstream $upstream_addr";
  name: public-0 (2)
  namespace: esservices-dev (3)
spec:
  rules:
  - host: public-0.esservices-dev.eu-playground.magnolia-platform.com (4)
    http:
      paths:
      - backend:
          service:
            name: esservices-dev-magnolia-helm-public-svc-0 (5)
            port:
              name: tomcat
        path: /
        pathType: ImplementationSpecific
  tls:
  - hosts:
    - public-0.esservices-dev.eu-playground.magnolia-platform.com (4)
    secretName: public-0.esservices-dev.eu-playground.magnolia-platform.com (6)
    1 Only use the `configuration-snippet` exactly as instructed. Otherwise, you may cause issues with your PaaS deployment.
    2 Name of the ingress: you should give a name for the ingress.
    3 Namespace: namespace to create the ingress.
    4 Host: host to access to the specific public.
    5 Name of the service: it must be equal to the one created in the previous step.
    6 Secret Name: secret for access to the public.
ingress url
An ingress is born!

Now, you can see the services created with the urls for each public. You just need to repeat the previous steps for your other public(s).

Set up a wildcard ingress

Use case

You have multiple subdomains in the cluster, but you want to keep it simple at the CDN level.

Instructions

  1. Install an mt-operator version v0.1.7+.

  2. Configure a wildcard ingress with the CDN annotation like the example here.

    apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
    magnolia.info/cdn-provider: fastly (1)
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/from-to-www-redirect: '"true"'
  name: opera-wildcard
  namespace: integration
spec:
  rules:
    - host: '*.opera.mplatform.int.magnolia-platform.com'
      http:
        paths:
          - backend:
              service:
                name: integration-magnolia-helm-public-svc
                port:
                  name: http
            pathType: ImplementationSpecific
  tls:
    - hosts:
        - '*.opera.mplatform.int.magnolia-platform.com'
      secretName: opera-wildcard (2)
    1 The CDN provider.
    2 The secretName.

  3. Ensure the secretName from the new wildcard ingress is the same one used in the main ingress containing all subdomains except the wildcard domain itself.

    tls:
    - hosts:
        - test1.opera.mplatform.int.magnolia-platform.com
        - test1.test.opera.mplatform.int.magnolia-platform.com
        - test2.test.opera.mplatform.int.magnolia-platform.com
      secretName: opera-wildcard (1)
    1 The secretName.
The DNS server must be pointed to the wildcard domain.
Feedback

PaaS

×

Location

This widget lets you know where you are on the docs site.

You are currently perusing through the Magnolia PaaS docs.

Main doc sections

DX Core Headless PaaS Legacy Cloud Incubator modules