Install ChaosCenter with Ingress
Prerequisites​
Before setting up endpoint with Ingress make sure the ChaosCenter is installed in either one of these scopes:
Install ChaosCenter with Ingress​
Since Litmus 2.0.0, ChaosCenter can be installed with ingress. We will use the Nginx ingress controller for ingress setup.
- By default, the service type is
NodePort
. For Ingress, we need to change the service type toClusterIP
in the following services:
litmusportal-frontend-service
litmusportal-server-service
- Install Nginx Ingress Controller along with Kubernetes RBAC roles and bindings, please refer here.
note
Set the environment variable INGRESS as true in the litmusportal-server deployment.
Example:
kubectl set env deployment/litmusportal-server -n litmus --containers="graphql-server" INGRESS="true"
note
If you're changing ingress name from litmus-ingress to a different name, make sure to update the INGRESS_NAME environment variable in the litmusportal-server deployment.
Example:
kubectl set env deployment/litmusportal-server -n litmus --containers="graphql-server" INGRESS_NAME="litmus-ingress"
With HTTP​
Sample LitmusChaos Ingress manifest with HTTP:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$1
name: litmus-ingress
spec:
rules:
- host: '<HOST-NAME>'
http:
paths:
- backend:
service:
name: litmusportal-frontend-service
port:
number: 9091
path: /(.*)
pathType: ImplementationSpecific
- backend:
service:
name: litmusportal-server-service
port:
number: 9002
path: /backend/(.*)
pathType: ImplementationSpecific
kubectl apply -f <litmus_ingress_manifest> -n <PORTAL_NAMESPACE>
With HTTPS​
- Install CertManager
kubectl create namespace cert-manager
helm repo add jetstack https://charts.jetstack.io
helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.3.0 --set installCRDs=true
- Install LetsEncrypt Cluster Issuer
apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
name: letsencrypt
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: "your@mail.com"
privateKeySecretRef:
name: letsencrypt
solvers:
- http01:
ingress:
class: nginx
- Sample Litmus Portal Ingress Manifest with HTTPS
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$1
labels:
component: litmusportal-frontend
name: litmusportal-ingress
namespace: litmus
spec:
rules:
- host: '<HOST-NAME>'
http:
paths:
- backend:
service:
name: litmusportal-frontend-service
port:
number: 9091
path: /(.*)
pathType: ImplementationSpecific
- backend:
service:
name: litmusportal-server-service
port:
number: 9002
path: /backend/(.*)
pathType: ImplementationSpecific
tls:
- hosts:
- '<HOST-NAME>'
secretName: litmuspreview-tls-secret
kubectl apply -f <litmus_ingress_manifest> -n <PORTAL_NAMESPACE>