#0000 - Add Kubernetes deployment for whoami app

Introduced a new deployment for the whoami application using Kubernetes. The deployment includes a Namespace, Deployment, Service, and Ingress configured for external access at whoami.van-hemmen.com. Updated the README with detailed setup instructions and troubleshooting steps.
2024-12-26 22:24:46 +01:00 · 2024-12-26 22:24:46 +01:00 · 8ed8495f92
commit 8ed8495f92
parent dc0f413b53
2 changed files with 202 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -1,2 +1,132 @@
-# whoami
+# Whoami Kubernetes Deployment

+This project provides a Kubernetes Deployment for the `whoami` application using
+the `traefik/whoami` container. It creates all the necessary resources (
+Deployment, Service, and Ingress) to expose the application at
+`whoami.van-hemmen.com` via Traefik.
+
+---
+
+## Deployment Steps
+
+Follow the steps below to deploy the `whoami` application:
+
+### 1. Apply the Configuration
+
+Ensure the `deployment.yaml` file is available, then apply it as follows:
+
+```bash
+kubectl apply -f deployment.yaml
+```
+
+This will create:
+
+- A namespace `whoami` for all application resources.
+- A Deployment with 3 replicas running the `traefik/whoami:latest` container.
+- A Service in the `whoami` namespace to expose the pods via an internal
+  ClusterIP.
+- An Ingress resource to route traffic from `whoami.van-hemmen.com` via Traefik.
+
+---
+
+### 2. Verify Resources
+
+Check the status of the created resources using these commands:
+
+1. **Verify Namespace**:
+   ```bash
+   kubectl get namespace
+   ```
+   Output should include the `whoami` namespace.
+
+2. **Check Pods**:
+   ```bash
+   kubectl get pods -n whoami
+   ```
+   Ensure 3 pods are running.
+
+3. **Check Service**:
+   ```bash
+   kubectl get svc -n whoami
+   ```
+   Confirm the `whoami` service is created and exposing port 80.
+
+4. **Check Ingress**:
+   ```bash
+   kubectl get ingress -n whoami
+   ```
+   Ensure the `Ingress` is listed with the host `whoami.van-hemmen.com`.
+
+---
+
+### 3. Access the Application
+
+Once the `Ingress` is configured, visit the application at:
+
+- **HTTP**: `http://whoami.van-hemmen.com`
+- **HTTPS**: `https://whoami.van-hemmen.com`
+
+If everything is correctly set up, you should see the `whoami` application's
+response, displaying information about the client request.
+
+---
+
+## Configuration Overview
+
+Here are the key details of the deployment:
+
+1. **Namespace**:
+    - All resources are isolated within the `whoami` namespace.
+
+2. **Deployment**:
+    - The deployment runs 3 replicas of the `traefik/whoami:latest` container.
+    - Each replica exposes port 80 internally.
+
+3. **Service**:
+    - A ClusterIP service named `whoami` maps incoming traffic on port 80 to the
+      containers.
+
+4. **Ingress**:
+    - The `Ingress` resource routes the traffic for the domain
+      `whoami.van-hemmen.com` via Traefik's `websecure` entrypoint.
+    - A TLS certificate (created by cert-manager) is referenced by the secret
+      name `whoami-app-tls`.
+
+---
+
+## Updating the Deployment
+
+To update any configurations:
+
+1. Edit the `deployment.yaml` file.
+2. Reapply the changes using:
+   ```bash
+   kubectl apply -f deployment.yaml
+   ```
+
+---
+
+## Troubleshooting
+
+1. **Pods Not Running**:
+    - Check the pod logs:
+      ```bash
+      kubectl logs <pod-name> -n whoami
+      ```
+
+2. **Ingress Not Working**:
+    - Verify that the `Ingress` resource is correctly applied:
+      ```bash
+      kubectl describe ingress whoami-ingress -n whoami
+      ```
+    - Check the external URL by inspecting the `Ingress` host and annotations.
+
+3. **DNS Issues**:
+    - Ensure that external-dns has correctly created the DNS record for
+      `whoami.van-hemmen.com`.
+
+---
+
+## License
+
+This project is licensed under the [MIT License](LICENSE).
--- a/deployment.yaml
+++ b/deployment.yaml
@ -0,0 +1,71 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: whoami
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: whoami
+  name: whoami
+  namespace: whoami
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: whoami
+  template:
+    metadata:
+      labels:
+        app: whoami
+    spec:
+      containers:
+        - image: traefik/whoami:v1.10.3
+          name: whoami
+          ports:
+            - name: web
+              containerPort: 80
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: whoami
+  name: whoami
+  namespace: whoami
+spec:
+  ports:
+    - name: http
+      port: 80
+      targetPort: web
+  selector:
+    app: whoami
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: whoami-ingress
+  namespace: whoami
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-production
+    external-dns.alpha.kubernetes.io/hostname: whoami.van-hemmen.com
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+spec:
+  rules:
+    - host: whoami.van-hemmen.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: whoami
+                port:
+                  number: 80
+  tls:
+    - hosts:
+        - whoami.van-hemmen.com
+      secretName: whoami-app-tls
+---