Skip to main content
Version: Next

Install ChaosCenter with Ingress


Prerequisites​

Before setting up endpoint with Ingress make sure the ChaosCenter is installed in either one of these scopes:

Install ChaosCenter with Ingress​

Since Litmus 2.0.0, ChaosCenter can be installed with ingress. We will use the Nginx ingress controller for ingress setup.

  1. By default, the service type is NodePort. For Ingress, we need to change the service type to ClusterIP in the following services:
  • litmusportal-frontend-service
  • litmusportal-server-service
  1. Install Nginx Ingress Controller along with Kubernetes RBAC roles and bindings, please refer here.
note

Set the environment variable INGRESS as true in the litmusportal-server deployment.

Example:

kubectl set env deployment/litmusportal-server -n litmus --containers="graphql-server" INGRESS="true"
note

If you're changing ingress name from litmus-ingress to a different name, make sure to update the INGRESS_NAME environment variable in the litmusportal-server deployment.

Example:

kubectl set env deployment/litmusportal-server -n litmus --containers="graphql-server" INGRESS_NAME="litmus-ingress"

With HTTP​

Sample LitmusChaos Ingress manifest with HTTP:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$1
name: litmus-ingress
spec:
rules:
- host: '<HOST-NAME>'
http:
paths:
- backend:
service:
name: litmusportal-frontend-service
port:
number: 9091
path: /(.*)
pathType: ImplementationSpecific
- backend:
service:
name: litmusportal-server-service
port:
number: 9002
path: /backend/(.*)
pathType: ImplementationSpecific
kubectl apply -f <litmus_ingress_manifest> -n <PORTAL_NAMESPACE>

With HTTPS​

  1. Install CertManager
kubectl create namespace cert-manager
helm repo add jetstack https://charts.jetstack.io
helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.3.0 --set installCRDs=true
  1. Install LetsEncrypt Cluster Issuer
apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
name: letsencrypt
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: "your@mail.com"
privateKeySecretRef:
name: letsencrypt
solvers:
- http01:
ingress:
class: nginx
  1. Sample Litmus Portal Ingress Manifest with HTTPS
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$1
labels:
component: litmusportal-frontend
name: litmusportal-ingress
namespace: litmus
spec:
rules:
- host: '<HOST-NAME>'
http:
paths:
- backend:
service:
name: litmusportal-frontend-service
port:
number: 9091
path: /(.*)
pathType: ImplementationSpecific
- backend:
service:
name: litmusportal-server-service
port:
number: 9002
path: /backend/(.*)
pathType: ImplementationSpecific
tls:
- hosts:
- '<HOST-NAME>'
secretName: litmuspreview-tls-secret
kubectl apply -f <litmus_ingress_manifest> -n <PORTAL_NAMESPACE>

Learn more​