mirror of
https://github.com/hyperledger/fabric-samples.git
synced 2026-06-17 15:35:09 +00:00
Merge 17eb244c9d into a2c40e6522
This commit is contained in:
Vishal More
GitHub
commit
720f83aa58
21 changed files with 309 additions and 108 deletions
|
|
@ -54,8 +54,7 @@ kind: Ingress
|
|||
metadata:
|
||||
name: rest-api
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
|
||||
# nginx.ingress.kubernetes.io/ssl-passthrough: "true"
|
||||
# proxy settings handled by Traefik
|
||||
# labels:
|
||||
# app: rest-api
|
||||
# app.kubernetes.io/instance: fabricpeer
|
||||
|
|
@ -64,7 +63,7 @@ metadata:
|
|||
# creator: fabric
|
||||
# orgname: Org1MSP
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
ingressClassName: traefik
|
||||
rules:
|
||||
- host: restapi.localho.st
|
||||
http:
|
||||
|
|
|
|||
|
|
@ -14,11 +14,10 @@ function cluster_info() {
|
|||
kubectl cluster-info &>/dev/null
|
||||
}
|
||||
|
||||
function nginx() {
|
||||
kubectl -n ingress-nginx get all &>/dev/null
|
||||
kubectl -n ingress-nginx get deployment.apps/ingress-nginx-controller &>/dev/null
|
||||
function ingress() {
|
||||
kubectl -n traefik get all &>/dev/null
|
||||
kubectl -n traefik get deployment.apps/traefik &>/dev/null
|
||||
curl http://${WORKSHOP_INGRESS_DOMAIN} &>/dev/null
|
||||
curl --insecure https://${WORKSHOP_INGRESS_DOMAIN}:443 &>/dev/null
|
||||
}
|
||||
|
||||
function container_registry() {
|
||||
|
|
@ -30,7 +29,7 @@ must_declare WORKSHOP_INGRESS_DOMAIN
|
|||
must_declare WORKSHOP_NAMESPACE
|
||||
|
||||
check cluster_info "k8s API controller is running"
|
||||
check nginx "Nginx ingress is running at https://${WORKSHOP_INGRESS_DOMAIN}"
|
||||
check ingress "Traefik ingress is running at http://${WORKSHOP_INGRESS_DOMAIN}"
|
||||
|
||||
if [ x"${WORKSHOP_CLUSTER_RUNTIME}" == x"kind" ]; then
|
||||
check container_registry "Container registry is running at ${WORKSHOP_INGRESS_DOMAIN}:5000"
|
||||
|
|
|
|||
|
|
@ -15,3 +15,4 @@
|
|||
},
|
||||
"include": ["src/"]
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
Fabric云原生部署,所有的组件直接在工作站上运行,在这个步骤中,您将会配置:
|
||||
- 一个本地[kind](https://kind.sigs.k8s.io) 集群,来运行k8s.
|
||||
|
||||
- 一个本地[Ingress controller](https://github.com/kubernetes/ingress-nginx), 将k8s集群的路由设置到 `*.localho.st` 这个虚拟域名上.
|
||||
- 一个本地[Ingress controller](https://traefik.io/), 将k8s集群的路由设置到 `*.localho.st` 这个虚拟域名上.
|
||||
|
||||
- 一个本地[Container Registry](https://docs.docker.com/registry/insecure/), 允许您上传智能合约的docker镜像。
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ With cloud-native Fabric, all the components can run directly on your developmen
|
|||
|
||||
- A local [kind](https://kind.sigs.k8s.io) cluster, running Kubernetes in Docker.
|
||||
|
||||
- A local [Ingress controller](https://github.com/kubernetes/ingress-nginx), routing traffic into the cluster at the `*.localho.st` virtual DNS domain.
|
||||
- A local [Ingress controller](https://traefik.io/), routing traffic into the cluster at the `*.localho.st` virtual DNS domain.
|
||||
|
||||
- A local [Container Registry](https://docs.docker.com/registry/insecure/), allowing you to upload chaincode Docker images to the cluster.
|
||||
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ just nginx
|
|||
### IKS
|
||||
```shell
|
||||
|
||||
export INGRESS_IPADDR=$(kubectl -n ingress-nginx get svc/ingress-nginx-controller -o json | jq -r '.status.loadBalancer.ingress[0].ip')
|
||||
export INGRESS_IPADDR=$(kubectl -n traefik get svc/traefik -o json | jq -r '.status.loadBalancer.ingress[0].ip')
|
||||
export WORKSHOP_INGRESS_DOMAIN=$(echo $INGRESS_IPADDR | tr -s '.' '-').nip.io
|
||||
|
||||
```
|
||||
|
|
@ -95,7 +95,7 @@ export WORKSHOP_INGRESS_DOMAIN=$(echo $INGRESS_IPADDR | tr -s '.' '-').nip.io
|
|||
### EKS
|
||||
```shell
|
||||
|
||||
export INGRESS_HOSTNAME=$(kubectl -n ingress-nginx get svc/ingress-nginx-controller -o json | jq -r '.status.loadBalancer.ingress[0].hostname')
|
||||
export INGRESS_HOSTNAME=$(kubectl -n traefik get svc/traefik -o json | jq -r '.status.loadBalancer.ingress[0].hostname')
|
||||
export INGRESS_IPADDR=$(dig $INGRESS_HOSTNAME +short)
|
||||
export WORKSHOP_INGRESS_DOMAIN=$(echo $INGRESS_IPADDR | tr -s '.' '-').nip.io
|
||||
|
||||
|
|
@ -103,7 +103,7 @@ export WORKSHOP_INGRESS_DOMAIN=$(echo $INGRESS_IPADDR | tr -s '.' '-').nip.io
|
|||
### Digital ocean
|
||||
```shell
|
||||
|
||||
export INGRESS_HOSTNAME=$(kubectl -n ingress-nginx get svc/ingress-nginx-controller -o json | jq -r '.status.loadBalancer.ingress[0].ip')
|
||||
export INGRESS_HOSTNAME=$(kubectl -n traefik get svc/traefik -o json | jq -r '.status.loadBalancer.ingress[0].ip')
|
||||
export WORKSHOP_INGRESS_DOMAIN=$(echo $INGRESS_HOSTNAME | tr -s '.' '-').nip.io
|
||||
|
||||
```
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ Check the Ingress controllers domain
|
|||
|
||||
For IKS:
|
||||
```shell
|
||||
export INGRESS_IPADDR=$(kubectl -n ingress-nginx get svc/ingress-nginx-controller -o json | jq -r '.status.loadBalancer.ingress[0].ip')
|
||||
export INGRESS_IPADDR=$(kubectl -n traefik get svc/traefik -o json | jq -r '.status.loadBalancer.ingress[0].ip')
|
||||
export WORKSHOP_INGRESS_DOMAIN=$(echo $INGRESS_IPADDR | tr -s '.' '-').nip.io
|
||||
```
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@
|
|||
register: resultingress
|
||||
|
||||
- name: Wait for the ingress
|
||||
command: kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=2m
|
||||
command: kubectl wait --namespace traefik --for=condition=ready pod --selector=app=traefik --timeout=2m
|
||||
changed_when: false
|
||||
|
||||
# Override the cluster DNS with a local override to refer pods to the HOST interface
|
||||
|
|
@ -17,8 +17,8 @@
|
|||
k8s_info:
|
||||
api_version: v1
|
||||
kind: service
|
||||
namespace: ingress-nginx
|
||||
name: "ingress-nginx-controller"
|
||||
namespace: traefik
|
||||
name: "traefik"
|
||||
register: ingress_info
|
||||
|
||||
- name: Applying CoreDNS overrides for ingress domain
|
||||
|
|
@ -33,5 +33,5 @@
|
|||
- name: Rollout the CoreDNS
|
||||
shell: |
|
||||
kubectl -n kube-system rollout restart deployment/coredns
|
||||
kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=2m
|
||||
kubectl wait --namespace traefik --for=condition=ready pod --selector=app=traefik --timeout=2m
|
||||
changed_when: false
|
||||
|
|
|
|||
|
|
@ -1,39 +0,0 @@
|
|||
#
|
||||
# Copyright contributors to the Hyperledger Fabric Operator project
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at:
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
namespace: ingress-nginx
|
||||
name: ingress-nginx-controller
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: controller
|
||||
args:
|
||||
- /nginx-ingress-controller
|
||||
- --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller
|
||||
- --election-id=ingress-controller-leader
|
||||
- --controller-class=k8s.io/ingress-nginx
|
||||
- --ingress-class=nginx
|
||||
- --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
|
||||
- --validating-webhook=:8443
|
||||
- --validating-webhook-certificate=/usr/local/certificates/cert
|
||||
- --validating-webhook-key=/usr/local/certificates/key
|
||||
- --enable-ssl-passthrough
|
||||
|
|
@ -19,18 +19,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
|||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- https://github.com/kubernetes/ingress-nginx.git/deploy/static/provider/cloud?ref=controller-v1.1.2
|
||||
|
||||
|
||||
# Remove the port `appProtocol` attribute as this is not accepted by all cloud providers
|
||||
patches:
|
||||
- patch: |-
|
||||
- op: remove
|
||||
path: "/spec/ports/0/appProtocol"
|
||||
- op: remove
|
||||
path: "/spec/ports/1/appProtocol"
|
||||
target:
|
||||
kind: Service
|
||||
name: ingress-nginx-controller
|
||||
version: v1
|
||||
- path: ingress-nginx-controller.yaml
|
||||
- traefik-controller.yaml
|
||||
|
|
|
|||
|
|
@ -0,0 +1,96 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: traefik
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: traefik
|
||||
namespace: traefik
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: traefik
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["services", "endpoints", "pods", "secrets", "nodes"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["networking.k8s.io"]
|
||||
resources: ["ingresses", "ingressclasses"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: traefik
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: traefik
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: traefik
|
||||
namespace: traefik
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: IngressClass
|
||||
metadata:
|
||||
name: traefik
|
||||
spec:
|
||||
controller: traefik.io/ingress-controller
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: traefik
|
||||
namespace: traefik
|
||||
spec:
|
||||
selector:
|
||||
app: traefik
|
||||
ports:
|
||||
- name: web
|
||||
protocol: TCP
|
||||
port: 80
|
||||
targetPort: 80
|
||||
- name: websecure
|
||||
protocol: TCP
|
||||
port: 443
|
||||
targetPort: 443
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: traefik
|
||||
namespace: traefik
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: traefik
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: traefik
|
||||
spec:
|
||||
serviceAccountName: traefik
|
||||
containers:
|
||||
- name: traefik
|
||||
image: traefik:v3.0.17
|
||||
args:
|
||||
- --entrypoints.web.address=:80
|
||||
- --entrypoints.websecure.address=:443
|
||||
- --providers.kubernetesingress
|
||||
- --providers.kubernetesingress.ingressclass=traefik
|
||||
- --providers.kubernetesingress.ingressendpoint.publishedservice=traefik/traefik
|
||||
- --log.level=INFO
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 80
|
||||
hostPort: 80
|
||||
protocol: TCP
|
||||
- name: websecure
|
||||
containerPort: 443
|
||||
hostPort: 443
|
||||
protocol: TCP
|
||||
|
|
@ -96,13 +96,14 @@ EOF
|
|||
# ssl_passthrough mode is enabled for TLS termination at the Fabric node enpdoints.
|
||||
#
|
||||
function start_nginx() {
|
||||
kubectl apply -k https://github.com/hyperledger-labs/fabric-operator.git/config/ingress/kind
|
||||
# apply local Traefik manifest
|
||||
kubectl apply -f infrastructure/kind_console_ingress/templates/ingress/traefik-controller.yaml
|
||||
|
||||
sleep 20
|
||||
|
||||
kubectl wait --namespace ingress-nginx \
|
||||
kubectl wait --namespace traefik \
|
||||
--for=condition=ready pod \
|
||||
--selector=app.kubernetes.io/component=controller \
|
||||
--selector=app=traefik \
|
||||
--timeout=3m
|
||||
}
|
||||
|
||||
|
|
@ -113,7 +114,7 @@ function start_nginx() {
|
|||
# than to the loopback interface at 127.0.0.1.
|
||||
#
|
||||
function apply_coredns_override() {
|
||||
CLUSTER_IP=$(kubectl -n ingress-nginx get svc ingress-nginx-controller -o json | jq -r .spec.clusterIP)
|
||||
CLUSTER_IP=$(kubectl -n traefik get svc traefik -o json | jq -r .spec.clusterIP)
|
||||
|
||||
cat << EOF | kubectl apply -f -
|
||||
---
|
||||
|
|
|
|||
|
|
@ -0,0 +1,164 @@
|
|||
#!/usr/bin/env bash
|
||||
#
|
||||
# Copyright contributors to the Hyperledgendary Full Stack Asset Transfer project
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at:
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
set -eo pipefail
|
||||
set -x
|
||||
|
||||
KIND_CLUSTER_NAME=kind
|
||||
KIND_CLUSTER_IMAGE=${KIND_CLUSTER_IMAGE:-kindest/node:v1.28.0}
|
||||
KIND_API_SERVER_ADDRESS=${KIND_API_SERVER_ADDRESS:-127.0.0.1}
|
||||
KIND_API_SERVER_PORT=${KIND_API_SERVER_PORT:-8888}
|
||||
CONTAINER_REGISTRY_NAME=${CONTAINER_REGISTRY_NAME:-kind-registry}
|
||||
CONTAINER_REGISTRY_ADDRESS=${CONTAINER_REGISTRY_ADDRESS:-127.0.0.1}
|
||||
CONTAINER_REGISTRY_PORT=${CONTAINER_REGISTRY_PORT:-5000}
|
||||
|
||||
function kind_with_traefik() {
|
||||
|
||||
delete_cluster
|
||||
|
||||
create_cluster
|
||||
|
||||
start_traefik
|
||||
|
||||
apply_coredns_override
|
||||
|
||||
launch_docker_registry
|
||||
}
|
||||
|
||||
function delete_cluster() {
|
||||
kind delete cluster --name $KIND_CLUSTER_NAME
|
||||
}
|
||||
|
||||
function create_cluster() {
|
||||
cat << EOF | kind create cluster --name $KIND_CLUSTER_NAME --image $KIND_CLUSTER_IMAGE --config=-
|
||||
---
|
||||
kind: Cluster
|
||||
apiVersion: kind.x-k8s.io/v1alpha4
|
||||
nodes:
|
||||
- role: control-plane
|
||||
kubeadmConfigPatches:
|
||||
- |
|
||||
kind: InitConfiguration
|
||||
nodeRegistration:
|
||||
kubeletExtraArgs:
|
||||
node-labels: "ingress-ready=true"
|
||||
extraPortMappings:
|
||||
- containerPort: 80
|
||||
hostPort: 80
|
||||
protocol: TCP
|
||||
- containerPort: 443
|
||||
hostPort: 443
|
||||
protocol: TCP
|
||||
networking:
|
||||
apiServerAddress: ${KIND_API_SERVER_ADDRESS}
|
||||
apiServerPort: ${KIND_API_SERVER_PORT}
|
||||
|
||||
containerdConfigPatches:
|
||||
- |-
|
||||
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:${CONTAINER_REGISTRY_PORT}"]
|
||||
endpoint = ["http://${CONTAINER_REGISTRY_NAME}:${CONTAINER_REGISTRY_PORT}"]
|
||||
EOF
|
||||
|
||||
for node in $(kind get nodes);
|
||||
do
|
||||
docker exec "$node" sysctl net.ipv4.conf.all.route_localnet=1;
|
||||
done
|
||||
}
|
||||
|
||||
function start_traefik() {
|
||||
kubectl apply -f infrastructure/kind_console_ingress/templates/ingress/traefik-controller.yaml
|
||||
|
||||
sleep 20
|
||||
|
||||
kubectl wait --namespace traefik \
|
||||
--for=condition=ready pod \
|
||||
--selector=app=traefik \
|
||||
--timeout=3m
|
||||
}
|
||||
|
||||
function apply_coredns_override() {
|
||||
CLUSTER_IP=$(kubectl -n traefik get svc traefik -o json | jq -r .spec.clusterIP)
|
||||
|
||||
cat << EOF | kubectl apply -f -
|
||||
---
|
||||
kind: ConfigMap
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: coredns
|
||||
namespace: kube-system
|
||||
data:
|
||||
Corefile: |
|
||||
.:53 {
|
||||
errors
|
||||
health {
|
||||
lameduck 5s
|
||||
}
|
||||
ready
|
||||
rewrite name regex (.*)\.localho\.st host.ingress.internal
|
||||
hosts {
|
||||
${CLUSTER_IP} host.ingress.internal
|
||||
fallthrough
|
||||
}
|
||||
kubernetes cluster.local in-addr.arpa ip6.arpa {
|
||||
pods insecure
|
||||
fallthrough in-addr.arpa ip6.arpa
|
||||
ttl 30
|
||||
}
|
||||
prometheus :9153
|
||||
forward . /etc/resolv.conf {
|
||||
max_concurrent 1000
|
||||
}
|
||||
cache 30
|
||||
loop
|
||||
reload
|
||||
loadbalance
|
||||
}
|
||||
EOF
|
||||
|
||||
kubectl -n kube-system rollout restart deployment/coredns
|
||||
}
|
||||
|
||||
function launch_docker_registry() {
|
||||
running="$(docker inspect -f '{{.State.Running}}' "${reg_name}" 2>/dev/null || true)"
|
||||
if [ "${running}" != 'true' ]; then
|
||||
docker run \
|
||||
--detach \
|
||||
--restart always \
|
||||
--name "${CONTAINER_REGISTRY_NAME}" \
|
||||
--publish "${CONTAINER_REGISTRY_ADDRESS}:${CONTAINER_REGISTRY_PORT}:${CONTAINER_REGISTRY_PORT}" \
|
||||
registry:2
|
||||
fi
|
||||
|
||||
docker network connect "kind" "${CONTAINER_REGISTRY_NAME}" || true
|
||||
|
||||
cat <<EOF | kubectl apply -f -
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: local-registry-hosting
|
||||
namespace: kube-public
|
||||
data:
|
||||
localRegistryHosting.v1: |
|
||||
host: "localhost:${CONTAINER_REGISTRY_PORT}"
|
||||
help: "https://kind.sigs.k8s.io/docs/user/local-registry/"
|
||||
EOF
|
||||
}
|
||||
|
||||
kind_with_traefik
|
||||
|
|
@ -49,8 +49,7 @@ kind: Ingress
|
|||
metadata:
|
||||
name: org1-peer-gateway
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
|
||||
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
|
||||
# proxy settings handled by Traefik
|
||||
labels:
|
||||
app: org1-peer-gateway
|
||||
app.kubernetes.io/instance: fabricpeer
|
||||
|
|
@ -59,7 +58,7 @@ metadata:
|
|||
creator: fabric
|
||||
orgname: Org1MSP
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
ingressClassName: traefik
|
||||
rules:
|
||||
- host: test-network-org1-peer-gateway.${WORKSHOP_INGRESS_DOMAIN}
|
||||
http:
|
||||
|
|
|
|||
|
|
@ -49,8 +49,7 @@ kind: Ingress
|
|||
metadata:
|
||||
name: org2-peer-gateway
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
|
||||
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
|
||||
# proxy settings handled by Traefik
|
||||
labels:
|
||||
app: org2-peer-gateway
|
||||
app.kubernetes.io/instance: fabricpeer
|
||||
|
|
@ -59,7 +58,7 @@ metadata:
|
|||
creator: fabric
|
||||
orgname: Org2MSP
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
ingressClassName: traefik
|
||||
rules:
|
||||
- host: test-network-org2-peer-gateway.${WORKSHOP_INGRESS_DOMAIN}
|
||||
http:
|
||||
|
|
|
|||
|
|
@ -40,8 +40,7 @@ kind: Ingress
|
|||
metadata:
|
||||
name: frontend
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
|
||||
# nginx.ingress.kubernetes.io/ssl-passthrough: "true"
|
||||
# proxy settings handled by Traefik
|
||||
# labels:
|
||||
# app: frontend
|
||||
# app.kubernetes.io/instance: fabricpeer
|
||||
|
|
@ -50,7 +49,7 @@ metadata:
|
|||
# creator: fabric
|
||||
# orgname: Org1MSP
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
ingressClassName: traefik
|
||||
rules:
|
||||
- host: frontend.localho.st
|
||||
http:
|
||||
|
|
|
|||
|
|
@ -45,8 +45,7 @@ kind: Ingress
|
|||
metadata:
|
||||
name: rest-api
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
|
||||
# nginx.ingress.kubernetes.io/ssl-passthrough: "true"
|
||||
# proxy settings handled by Traefik
|
||||
# labels:
|
||||
# app: rest-api
|
||||
# app.kubernetes.io/instance: fabricpeer
|
||||
|
|
@ -55,7 +54,7 @@ metadata:
|
|||
# creator: fabric
|
||||
# orgname: Org1MSP
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
ingressClassName: traefik
|
||||
rules:
|
||||
- host: restapi.localho.st
|
||||
http:
|
||||
|
|
|
|||
|
|
@ -48,12 +48,12 @@ external_repo_endpoint := env_var_or_default("WORKSHOP_EXTERNAL_REPO", "loc
|
|||
cluster_type := env_var_or_default("WORKSHOP_CLUSTER_TYPE", "k8s")
|
||||
|
||||
|
||||
# Start a local KIND cluster with nginx, localhost:5000 registry, and *.localho.st alias in kube DNS
|
||||
# Start a local KIND cluster with Traefik, localhost:5000 registry, and *.localho.st alias in kube DNS
|
||||
kind: unkind
|
||||
#!/usr/bin/env bash
|
||||
set -e -o pipefail
|
||||
|
||||
infrastructure/kind_with_nginx.sh {{cluster_name}}
|
||||
infrastructure/kind_with_traefik.sh {{cluster_name}}
|
||||
ls -lart ~/.kube/config
|
||||
chmod o+r ~/.kube/config
|
||||
|
||||
|
|
@ -71,16 +71,16 @@ unkind:
|
|||
docker rm kind-registry
|
||||
fi
|
||||
|
||||
# Bring up the nginx ingress controller on the target k8s cluster
|
||||
nginx:
|
||||
# Bring up the Traefik ingress controller on the target k8s cluster
|
||||
traefik:
|
||||
#!/usr/bin/env bash
|
||||
kubectl apply -k https://github.com/hyperledger-labs/fabric-operator.git/config/ingress/{{ cluster_runtime }}
|
||||
kubectl apply -f infrastructure/kind_console_ingress/templates/ingress/traefik-controller.yaml
|
||||
|
||||
sleep 20
|
||||
|
||||
kubectl wait --namespace ingress-nginx \
|
||||
kubectl wait --namespace traefik \
|
||||
--for=condition=ready pod \
|
||||
--selector=app.kubernetes.io/component=controller \
|
||||
--selector=app=traefik \
|
||||
--timeout=3m
|
||||
|
||||
# Just start the operator
|
||||
|
|
|
|||
|
|
@ -61,7 +61,7 @@ export WORKSHOP_INGRESS_DOMAIN=localho.st
|
|||
export WORKSHOP_NAMESPACE=test-network
|
||||
|
||||
|
||||
# Create a Kubernetes cluster in Docker, configure an Nginx ingress, and docker container registry
|
||||
# Create a Kubernetes cluster in Docker, configure a Traefik ingress, and docker container registry
|
||||
just kind
|
||||
|
||||
# KIND will set the current kube client context in ~/.kube/config
|
||||
|
|
@ -86,12 +86,11 @@ just check-kube
|
|||
[[ ${WORKSHOP_INGRESS_DOMAIN+x} ]] || exit 1
|
||||
[[ ${WORKSHOP_NAMESPACE+x} ]] || exit 1
|
||||
|
||||
# check Nginx ingress
|
||||
kubectl -n ingress-nginx get all
|
||||
kubectl -n ingress-nginx get deployment.apps/ingress-nginx-controller
|
||||
# check Traefik ingress
|
||||
kubectl -n traefik get all
|
||||
kubectl -n traefik get deployment.apps/traefik
|
||||
|
||||
curl http://${WORKSHOP_INGRESS_DOMAIN}
|
||||
curl --insecure https://${WORKSHOP_INGRESS_DOMAIN}:443
|
||||
|
||||
# Install operator CRDs
|
||||
kubectl apply -k https://github.com/hyperledger-labs/fabric-operator.git/config/crd
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ export WORKSHOP_INGRESS_DOMAIN=localho.st
|
|||
export WORKSHOP_NAMESPACE=fabricinfra
|
||||
|
||||
|
||||
# Create a Kubernetes cluster in Docker, configure an Nginx ingress, and docker container registry
|
||||
# Create a Kubernetes cluster in Docker, configure a Traefik ingress, and docker container registry
|
||||
just kind
|
||||
|
||||
# KIND will set the current kube client context in ~/.kube/config
|
||||
|
|
@ -80,12 +80,11 @@ just check-kube
|
|||
[[ ${WORKSHOP_INGRESS_DOMAIN+x} ]] || exit 1
|
||||
[[ ${WORKSHOP_NAMESPACE+x} ]] || exit 1
|
||||
|
||||
# check Nginx ingress
|
||||
kubectl -n ingress-nginx get all
|
||||
kubectl -n ingress-nginx get deployment.apps/ingress-nginx-controller
|
||||
# check Traefik ingress
|
||||
kubectl -n traefik get all
|
||||
kubectl -n traefik get deployment.apps/traefik
|
||||
|
||||
curl http://${WORKSHOP_INGRESS_DOMAIN}
|
||||
curl --insecure https://${WORKSHOP_INGRESS_DOMAIN}:443
|
||||
|
||||
# Bring up the operator and console
|
||||
just ansible-review-config
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ export WORKSHOP_INGRESS_DOMAIN=localho.st
|
|||
export WORKSHOP_NAMESPACE=fabricinfra
|
||||
|
||||
|
||||
# Create a Kubernetes cluster in Docker, configure an Nginx ingress, and docker container registry
|
||||
# Create a Kubernetes cluster in Docker, configure a Traefik ingress, and docker container registry
|
||||
just kind
|
||||
|
||||
# KIND will set the current kube client context in ~/.kube/config
|
||||
|
|
@ -82,7 +82,7 @@ kubectl -n ${WORKSHOP_NAMESPACE} get deployment fabric-operator
|
|||
# Console running?
|
||||
kubectl -n ${WORKSHOP_NAMESPACE} get deployment hlf-console
|
||||
|
||||
# Console listening at the Nginx ingress?
|
||||
curl --fail --insecure https://${WORKSHOP_NAMESPACE}-hlf-console-console.${WORKSHOP_INGRESS_DOMAIN}/
|
||||
# Console listening at the Traefik ingress?
|
||||
curl --fail http://${WORKSHOP_NAMESPACE}-hlf-console-console.${WORKSHOP_INGRESS_DOMAIN}/
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue