Ingress with Contour
Contour is a project designed to improve and streamline network communication within Kubernetes clusters, making it an essential component for managing traffic within containerized applications. It employs Envoy, a high-performance proxy, to handle ingress traffic and distribute it efficiently across various services.
Following the latest move of bitnami to reserve its image to subscribed customers, Centiloc decided to host qualified versions of helm and images for infrastructure resources.
Centiloc has not performed any security testing on these images and is not responsible for security problems from these images.
To use centiloc harbor charts, you must login using docker protocol:
docker login harbor.centiloc.com --username <username> --passsword <password>
Helm chart will pick images from harbor registry. To do so, your kubernetes instance must contains and provides credentials to log to harbor.centiloc.com.
kubectl create namespace contour
You have to prepare the credentials.
First, base64 encode the following "username:password" (we note this <b64e username:password>), where username and password are credentials to access harbor.centiloc.com.
Then, base64 encode this string, replacing username, password and email with the credentials to log in harbor.centiloc.com:
{"auths":{"harbor.centiloc.com":{"username":"<username>","password":"<password>","email":"<email>","auth":"<b64e username:password>"}}}
The result is your complete dockerconfigjson
Create (copy), update and save the manifest below:
apiVersion: v1
data:
.dockerconfigjson: <base64 for your harbor target>
kind: Secret
metadata:
name: regcred
namespace: contour
type: kubernetes.io/dockerconfigjson
You get, for instance, a regcred.yaml.
kubectl apply -f regcred.yaml
Thisregcred.yamlmay be usefull in the further steps. Keep it.
By default Contour is installed as a LoadBalancer, but depending on your use case, you might want to install Contour as a NodePort, or as a ClusterIP.
When working with either single or multi-node clusters, you might want to install Contour as a LoadBalancer. To do so, please follow the instructions below:
helm install contour oci://harbor.centiloc.com/bitnamicharts/contour --namespace contour --version=21.1.4 --set contour.certgen.certificateLifetime=2190
In a developement environment using kind, you have to install Contour as a NodePort. You can achieve this by running the following command:
helm install contour oci://harbor.centiloc.com/bitnamicharts/contour --namespace contour --version=21.1.4 --set contour.certgen.certificateLifetime=2190 --set envoy.service.type="NodePort" --set envoy.service.nodePorts.http="30180"
Make sure that theNodePortspecified during the Contour installation matches the port configured in yourkindconfiguration (e.g., 30180 in the above example).
Depending on your infrastructure architecture, you may consider installing Contour as a ClusterIP. This approach could be beneficial if you already have an Ingress Controller installed as a LoadBalancer, yet you require Contour to handle HTTP2, and gRPC-web. To install Contour as a ClusterIP use the following command:
helm install contour oci://harbor.centiloc.com/bitnamicharts/contour --namespace contour --version=21.1.4 --set contour.certgen.certificateLifetime=2190 --set envoy.service.type="ClusterIP"
To uninstall the contour deployment, use the following command:
helm delete contour -n contour