Local cluster with kind on Mac M2
Installation
Tools used in this setup:
- kind: https://kind.sigs.k8s.io/
- ingress-nginx: https://kubernetes.github.io/ingress-nginx/
- cert-manager: https://cert-manager.io/
Install kind on Mac using brew:
brew install kind
Create a kind cluster (1 control plane node + 2 worker nodes) with extraPortMappings and node-labels
cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
kubeadmConfigPatches:
- |
kind: InitConfiguration
nodeRegistration:
kubeletExtraArgs:
node-labels: "ingress-ready=true"
extraPortMappings:
- containerPort: 80
hostPort: 80
protocol: TCP
- containerPort: 443
hostPort: 443
protocol: TCP
- role: worker
- role: worker
EOF
Install ingress-nginx
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml
Install cert-manager
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm -n cert-manager upgrade --install \
--set installCRDs=true \
--version 1.13.3 \
--create-namespace \
cert-manager jetstack/cert-manager
Note: cert-manager helm version 1.13.3 is for kind k8s version 1.27.3 . Please check supported releases here to use the correct version of cert-manager helm chart.
Now create self-signed cluster issuer:
cat <<EOF | kubectl apply -f -
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: selfsigned
spec:
selfSigned: {}
EOF
Optional: Install metrics-server
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/high-availability-1.21+.yaml
Patch metrics-server deployment to fix TLS error
kubectl -n kube-system patch deploy/metrics-server \
--type=json \
-p='[{"op": "add", "path": "/spec/template/spec/containers/0/args/0", "value": "--kubelet-insecure-tls"}]'
Verify the setup
Use localhost ingress
Create the echo pods, service and ingress
kubectl apply -f https://kind.sigs.k8s.io/examples/ingress/usage.yaml
Now verify that the ingress works
# should output "foo-app"
curl localhost/foo/hostname
# should output "bar-app"
curl localhost/bar/hostname
Use custom host name
helm repo add ealenn https://ealenn.github.io/charts
helm repo update
helm upgrade -i echo ealenn/echo-server \
--version=0.5.0 \
--namespace echo \
-f values.yml \
--create-namespace
File values.yml:
ingress:
enabled: true
ingressClassName: 'nginx'
# ingress.annotations -- Example `kubernetes.io/ingress.class: nginx` for Nginx Ingress
annotations:
cert-manager.io/cluster-issuer: selfsigned
nginx.ingress.kubernetes.io/proxy-body-size: 50m
hosts:
- host: echo.local
paths:
- /
tls:
- hosts:
- echo.local
secretName: echo-tls
application:
logs:
ignore:
# Don't log ping request on route `/ping`
ping: true
enable:
# Enable host in response
host: true
# Enable http in response
http: true
# Enable request in response
request: true
# Enable cookies in response
cookies: true
# Hide environment in response
environment: false
# Enable file in response
file: true
# Enable custom header in response
header: true
Edit /etc/hosts file:
127.0.0.1 echo.local localhost
Now verify that ingress works with custom hostname:
curl -k https://echo.local/test | jq
{
"host": {
"hostname": "echo.local",
"ip": "::ffff:10.244.0.7",
"ips": []
},
"http": {
"method": "GET",
"baseUrl": "",
"originalUrl": "/test",
"protocol": "http"
},
"request": {
"params": {
"0": "/test"
},
"query": {},
"cookies": {},
"body": {},
"headers": {
"host": "echo.local",
"x-request-id": "c71d6cd0ae10fd9553bf4f7b83fdebff",
"x-real-ip": "192.168.65.1",
"x-forwarded-for": "192.168.65.1",
"x-forwarded-host": "echo.local",
"x-forwarded-port": "443",
"x-forwarded-proto": "https",
"x-forwarded-scheme": "https",
"x-scheme": "https",
"user-agent": "curl/8.4.0",
"accept": "*/*"
}
}
}
Happy kind K8S! 🥳