I have a YT channel where I discuss Life and Sports, but as a professional, I am a DevOps and Kubernetes expert in Finland but I love to watch your videos in the DESI language. thanks
Your video is so helpful! I've been struggling with this topic for a while, but after watching your video, I feel much more confident in my understanding. Thank you! You're going to be a celebrity in the IT industry, I just know it!
Supperb, video i mean exact production view..your video is really amazing and it will help alot of junior and learner please keep it up and make more issue and production video 👍 thanks for this
Yeh wala thora uper uper se nikal gya!! but hats off your efforts put in animations and graphics to make the content awesome yet easy to grasp. Well Done 👏
Very good content riya thank you so much i did know about ingress but i didn't about how to add tls or SSL certificates thanks for your explanation thank you very much 🙏
Awasome video dear. Kindly create video for how to procure google managed certificates for the path based routing. Thanks appreciate for your good content
Thank you very much for this detailed explanation. I have one question: There is a expiry duration of this certificate, if it get expires we have reapply the cluster issues or it will automatically renew it? I have used it in my environments and just had this doubt.
Good content ..., Would like to add can be done using the public IP that is given by ingress and then map that IP in DNS that would have conveyed better... Thanks.....
Thanks for your feedback! Mapping the public IP given by ingress in DNS is definitely another way to achieve the same result. I appreciate you sharing this tip with the community!
Thank you Riya for your Awsome explaination. Do I need to buy domain name to perform this ingress practical? is there any alternate way to get domain name?
hi @riya one doubt what was the difference in prod and stage file that make prod cert as locked https when prod was applied to ingress.yml can you please tell. thanks riya for the video it was great.
! Great 👍 I have a question about ssl if my SSL certificate is already installed on my domain then it's necessary setup SSL certificate from kubernetes cluster ? Hope you understand what I want to say .
No, if your SSL certificate is already installed on your domain, it's not necessary to set up the SSL certificate from the Kubernetes cluster. The Ingress in Kubernetes can use the existing SSL certificate configured on your domain. Hope this helps! 👍
I am getting 404 error by coming through domain but with my ingress ip the application is accessible. Although the ssl certificate is applied on domain i am using company custom certificate
As I am performing this tutorial on local linux machine and have done same setup of kind cluster as you've shown in previous video, 1) when we are exposing ingress , it is on node port type then which IP I have to map in my dns record(I am using godaddy). Is it host machines ip on which cluster is there or it is something different ip ? 2) As soon as I create staging_issuer and apply changes in ingress , the secret will be created is getting deleted automatically and in certificate , it is showing Ready=False. Why i am getting this false? 3) Is it important to have external IP for SSL while deploying ingress? Can't we make it possible by our local machine ip if it can be used? Please Answer............
Video is great 👍🏼 I have one little doubt what if i want to use website from internet then i need to use nodeport service right instead of clusterip? Other steps will be same?
Yes, you can use a NodePort service to expose your website to the internet instead of a ClusterIP. The other steps to configure the Ingress resource and setup the ingress controller should be the same, but it's important to implement proper security measures.
Here's a brief guide to get you started: 1. Log in to your domain registrar or DNS hosting provider. 2. Look for the DNS management section or something similar. 3. Add a new DNS record (often called an "A record" or "CNAME record") depending on your needs. 4. Enter the desired hostname (e.g., "subdomain.yourdomain.com") in the record. 5. Point the record to the external IP address of your Ingress controller or load balancer. For more detailed instructions and additional resources, I recommend checking out the documentation of your domain registrar or hosting provider. They often have step-by-step guides tailored to their specific platform. Good luck!
@@DevOpsPro maine apne system ki public IP hostinger par update kar di hai tab bhi domain se access nhi kar pa raha hu. Or ingress to nodeport se local ip de raha hai bas Main ye sab apni local base machine par kar raha hu
I am doing the very same thing on baremetal but when i hit on browser it's not working. when i am doing curl ip:port i am getting the result on terminal
Assalam o Alaikom Ma'm .... as i got confused in the very begining of training tutorial that we must create our Dns record , how gonna create DNS record even we have not configured DNS server either the .yml file create itself or by-default it will be created while executing the yaml file...please Guide me ...
In this tutorial, the DNS record creation is not covered. You can create DNS records separately using your DNS provider or service. The .yaml file you apply will route traffic based on the paths defined within it.
Hello , i did exactly the same, but still iam not able to access the application, then i found that when we hit kubectl decrible ingress commnand , there is nothing in the ADDRESS section,please help me out
The missing ADDRESS section in the kubectl describe ingress output could indicate a problem with your Ingress setup. Ensure that your Ingress resource is configured correctly, and the Ingress controller is running without errors. Double-check your Ingress rules and ensure that your services are up and running.
@@DevOpsPro Hello , Thank-you for your reply, the problem got resolved after doing fresh installation of cluster , but still iam not getting the application on the browser, i have checked with the command kubectl describe ingress ingress-nginx and i got exactly same as you got , still not able to get it right
mam as you mention in start you have to map these domain to server ip (in case of local development) , i dont get to which server ip is that: cluster ip which is created by kind aur nginx ingress controller service ip (service created by nginx ingress ) ?? please reply
I have a question you have created ingress control right with that ingress control do load balancer also create or else we have to attach load balancer to the ingress control? And can I use this nginx ingress control in production I meant to ask that can I use the same yaml file in production
The Ingress resource doesn't automatically create a Load Balancer; you'll need to set that up separately. Yes, you can use the NGINX Ingress Controller in production, but make sure to adjust the YAML file for production settings
thank u for ur reply , iam using local cluster without cloud provider so i didnt get external ip , would you tell me how to connect with aws loadbalacer @@DevOpsPro
Hello, have you defined this sample-1, sample-2 etc in application code or its just fine. actually applications by default listens on "/" path. please clarify. thanks
Amazing video...kindly advise if we have a cluster set by kubeadm tool on AWS Cloud and we have multiple deployments running in that cluster and we want to attach load balancer with that cluster and want to make all the deployments accessible through load balancer, then how can it be done
To attach a load balancer to your kubeadm-based Kubernetes cluster on AWS, follow these steps: 1. Provision an AWS Load Balancer (ALB/NLB). 2. Configure the load balancer to point to your cluster's worker nodes. 3. Expose deployments using a LoadBalancer type Service. 4. Verify that the load balancer routes traffic to the deployments. Hope this helps! Let me know if you have any more questions.
@@DevOpsPro thank you for responding. But what about the target group. Like if we have four deployments running inside a cluster for which we have four services as load balancer for each. So, please let me know that do we need to expose different service ports for each service as I think in target group we need to give these service ports of all four service files so that the traffic can route to each different service through their ports.
Yes, you would need to expose different service ports for each service in order to route traffic to the correct deployment through the loadbalancer. Each deployment/service will have its own target group in the loadbalancer configuration, specifying the corresponding service port. This ensures that traffic is correctly routed to each service within the cluster.
We've already organised the videos into a playlist to make it easier for everyone. You can find it here: ua-cam.com/play/PLY63ZQr2Y5BHkJJhwPjJuJ41CIyv3m7Ru.html
ma'am please come with some production grade projects, eg: microservices , multi tier applications on kubernetes. please choose good project source code
Where we need to point this subdomain. mean IP or Endpoint ? Where your VMs is created. AWS EC2 and or another cloud ? kindly explain in case of 3 Node HA Cluster. Or in case of AWS EKS use ELB to Expose application. What happen if i setup 3 EC2 Node. How to expose service on my domain with Https.? Please answer
You'll need to point the subdomain to the IP or endpoint where your Kubernetes cluster resides. If you're using AWS EC2, it would be the IP of your EC2 instances; for AWS EKS, you'd typically use an ELB. In a 3-node HA cluster, ensure your Ingress controller is highly available. For HTTPS, follow the steps in the video to set up SSL certificates with cert-manager.
ClusterIP is used for internal communication within the cluster, making services accessible only inside the cluster. NodePort, on the other hand, exposes the service externally on a specific port of each node. Use ClusterIP for internal services and NodePort when external access is needed.
If you have actually purchased a domain, you'll need to add the A record from your DNS provider (from where you purchased the domain by default). But if you want to test on your local system without actually purchasing the domain, you can add that entry to /etc/hosts file.
Jaisa apne bola wo sab Kara par na meri site najar aai na SSL jabki koi error bhi nhi dekh Raha or sab wesa hi hai jaisa hona chahiye par site nhi dekh Rahi na SSL
Hi I am getting false error when i use this cmd kubectl get certificate. kubectl get certificate NAME READY SECRET AGE tls-secret False tls-secret 13s even I have attached dns.
It seems like there might be an issue with the certificate configuration or the DNS attachment. Double-check your certificate setup and ensure that the DNS is correctly configured. If the issue persists, reviewing the logs or events associated with the certificate might provide more insight into the problem.
@@DevOpsPro i am also facing same issue.....error is of challenge is Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200'
Please help us with your valuable feedback - forms.gle/E9r3xvTxnLPKz9Hw9
I have a YT channel where I discuss Life and Sports, but as a professional, I am a DevOps and Kubernetes expert in Finland but I love to watch your videos in the DESI language. thanks
Thank you for your support and kind words!
It's Awesome video I have seen over UA-cam.. really appreciate your efforts.. Thanks a lot!!
Your video is so helpful! I've been struggling with this topic for a while, but after watching your video, I feel much more confident in my understanding. Thank you!
You're going to be a celebrity in the IT industry, I just know it!
Glad it was helpful!
Could not be much thankful for this video. All the doubts regarding ingress have been resolved now. Thanks Riya.😘
Thank You Narender, Glad you liked it
Kindly make a video explaining Network policies in K8s. Appreciate your contents, They have always been helpful. Kudos
Thank you so much for putting all your efforts to understand even for NON-ITs
Best solution i got so far for my problem. well organized. Keep it up.
Thanks for sharing the valuable Knowledge
Explained so Thoroughly , Thanks
Supperb, video i mean exact production view..your video is really amazing and it will help alot of junior and learner please keep it up and make more issue and production video 👍 thanks for this
I will try my best
Yeh wala thora uper uper se nikal gya!! but hats off your efforts put in animations and graphics to make the content awesome yet easy to grasp. Well Done 👏
Thank you so much 😀
Nice explanation...to understand the ngnix ingress ...thank you so much🙏
I'm glad you found the explanation helpful!
you content is great we all will support you riya just keep uploading .
Thanks
very informative and full of knowledge
Crisp and clear , Nice Demo on Ingress
Good content please make more video mam
Awesome lecture as always, madam
Very good content riya thank you so much i did know about ingress but i didn't about how to add tls or SSL certificates thanks for your explanation thank you very much 🙏
You're welcome! Glad it was helpful. 🙌
Awasome video dear.
Kindly create video for how to procure google managed certificates for the path based routing. Thanks appreciate for your good content
Excellent , Very good information !
Thank You
Hey @riya your way of explanation is awesome, looking for some more useful playlist of DevOps from you
Awesome Information
Nice explanation.
thanks for your awesome content in hindi
Thank you very much for this detailed explanation. I have one question:
There is a expiry duration of this certificate, if it get expires we have reapply the cluster issues or it will automatically renew it?
I have used it in my environments and just had this doubt.
Well explained..keep going 😊
Thanks a lot 😊
awesome explaination
Good explain
nice video
best explanation ever!
Good content ..., Would like to add can be done using the public IP that is given by ingress and then map that IP in DNS that would have conveyed better... Thanks.....
Thanks for your feedback! Mapping the public IP given by ingress in DNS is definitely another way to achieve the same result. I appreciate you sharing this tip with the community!
can you make a detail vid sir?
can you please explain how to do it
In real time we can use same yaml files or have to add more spec or these spec are sufficient anything..
Thank you Riya for your Awsome explaination.
Do I need to buy domain name to perform this ingress practical? is there any alternate way to get domain name?
hi @riya one doubt what was the difference in prod and stage file that make prod cert as locked https when prod was applied to ingress.yml can you please tell. thanks riya for the video it was great.
! Great 👍 I have a question about ssl if my SSL certificate is already installed on my domain then it's necessary setup SSL certificate from kubernetes cluster ? Hope you understand what I want to say .
No, if your SSL certificate is already installed on your domain, it's not necessary to set up the SSL certificate from the Kubernetes cluster. The Ingress in Kubernetes can use the existing SSL certificate configured on your domain. Hope this helps! 👍
I am getting 404 error by coming through domain but with my ingress ip the application is accessible.
Although the ssl certificate is applied on domain i am using company custom certificate
will it work on alb ingress class ? or its specific to nginx
Thankyou, please continue
As I am performing this tutorial on local linux machine and have done same setup of kind cluster as you've shown in previous video,
1) when we are exposing ingress , it is on node port type then which IP I have to map in my dns record(I am using godaddy).
Is it host machines ip on which cluster is there or it is something different ip ?
2) As soon as I create staging_issuer and apply changes in ingress , the secret will be created is getting deleted automatically and in certificate , it is showing Ready=False. Why i am getting this false?
3) Is it important to have external IP for SSL while deploying ingress? Can't we make it possible by our local machine ip if it can be used?
Please Answer............
Nice one 🎉
Awesome !!!
Mam, aapne jo nginix controller install kiye, woh kind cluster ke liye chal rhi hai.
Mera kubeadm mai setup hai, isme ingress controller pendinf bata rha hai
Follow this guide to install it - platform9.com/learn/v1.0/tutorials/nginix-controller-via-yaml
Video is great 👍🏼
I have one little doubt what if i want to use website from internet then i need to use nodeport service right instead of clusterip?
Other steps will be same?
Yes, you can use a NodePort service to expose your website to the internet instead of a ClusterIP. The other steps to configure the Ingress resource and setup the ingress controller should be the same, but it's important to implement proper security measures.
Very nice pv and pvc storage class bhi pls
Here you go. ua-cam.com/video/6GkEFqdjdRM/v-deo.html
thank you for your effort
Can we have dockerfile for the mentioned image.
I have one question does your dockerfile exposes the app to 3000 ?
EXPOSE 3000
Please guide how to create DNS record, few steps would suffice. if you could share some resource to look upto
Here's a brief guide to get you started:
1. Log in to your domain registrar or DNS hosting provider.
2. Look for the DNS management section or something similar.
3. Add a new DNS record (often called an "A record" or "CNAME record") depending on your needs.
4. Enter the desired hostname (e.g., "subdomain.yourdomain.com") in the record.
5. Point the record to the external IP address of your Ingress controller or load balancer.
For more detailed instructions and additional resources, I recommend checking out the documentation of your domain registrar or hosting provider. They often have step-by-step guides tailored to their specific platform. Good luck!
@@DevOpsPro maine apne system ki public IP hostinger par update kar di hai tab bhi domain se access nhi kar pa raha hu.
Or ingress to nodeport se local ip de raha hai bas
Main ye sab apni local base machine par kar raha hu
I am doing the very same thing on baremetal but when i hit on browser it's not working. when i am doing curl ip:port i am getting the result on terminal
Hi @Riya, how the nginx is exposed with url or external ip address. Thanks in advance
Nginx ingress controller is exposed through nodeport service.
Can we define multiple ingress controller in different nodes with same route for disaster recovery
Pls confirm
Yes
Assalam o Alaikom Ma'm .... as i got confused in the very begining of training tutorial that we must create our Dns record , how gonna create DNS record even we have not configured DNS server either the .yml file create itself or by-default it will be created while executing the yaml file...please Guide me ...
In this tutorial, the DNS record creation is not covered. You can create DNS records separately using your DNS provider or service. The .yaml file you apply will route traffic based on the paths defined within it.
All are same port numbers and network is different how ? and all are different app or same app kindly clarify my doubts
In the video demonstration, the same port number was used for simplicity, but each service represented a different application.
Tqsh and that means every pod one application then only we can provide same port for different applications if I am wrong correct me please 🙏🏼
in production do we setup tls/ssl certification like this ? or we would need another server of lets encrypt?
here w hy we not write service.yaml file for cluser ip service
Hi Mam, for generating the certificate which server ip I need to map master node or worker node. I'm exposing my service on Nodeport.
master node
But i can't access out side of cluster what i need to add in dns external ip or cloud provider ip you have missed this in video
I didn't understand the dns record value part. Can anyone explain what value i should use
Hello , i did exactly the same, but still iam not able to access the application, then i found that when we hit kubectl decrible ingress commnand , there is nothing in the ADDRESS section,please help me out
The missing ADDRESS section in the kubectl describe ingress output could indicate a problem with your Ingress setup. Ensure that your Ingress resource is configured correctly, and the Ingress controller is running without errors. Double-check your Ingress rules and ensure that your services are up and running.
@@DevOpsPro Hello , Thank-you for your reply, the problem got resolved after doing fresh installation of cluster , but still iam not getting the application on the browser, i have checked with the command kubectl describe ingress ingress-nginx and i got exactly same as you got , still not able to get it right
Do we have to add domain name or any IP in /etc/hosts file ?
Hello Mam,
If I am using kubeadm and it is having 2nodes,
So how can i add ip for A record in DNS name hostinger.
Mam, before go for ssl certificate, i faced a issue it was showing 404 error.
Kindly help
Check your Ingress resource configuration and ensure the paths are correctly defined.
mam as you mention in start you have to map these domain to server ip (in case of local development) , i dont get to which server ip is that:
cluster ip which is created by kind aur nginx ingress controller service ip (service created by nginx ingress ) ?? please reply
same doubt
i am also doing it in minikube.
have you resolved this issue?
I have a question you have created ingress control right with that ingress control do load balancer also create or else we have to attach load balancer to the ingress control? And can I use this nginx ingress control in production I meant to ask that can I use the same yaml file in production
The Ingress resource doesn't automatically create a Load Balancer; you'll need to set that up separately. Yes, you can use the NGINX Ingress Controller in production, but make sure to adjust the YAML file for production settings
i didnt get external ip of ingress controller . what will i do ?
Check Ingress controller deployment and backend service.
thank u for ur reply , iam using local cluster without cloud provider so i didnt get external ip , would you tell me how to connect with aws loadbalacer @@DevOpsPro
Hello, have you defined this sample-1, sample-2 etc in application code or its just fine. actually applications by default listens on "/" path. please clarify. thanks
No, Its just a name of service and path where we want to expose.
What would an enter be without a domain host
Amazing video...kindly advise if we have a cluster set by kubeadm tool on AWS Cloud and we have multiple deployments running in that cluster and we want to attach load balancer with that cluster and want to make all the deployments accessible through load balancer, then how can it be done
To attach a load balancer to your kubeadm-based Kubernetes cluster on AWS, follow these steps:
1. Provision an AWS Load Balancer (ALB/NLB).
2. Configure the load balancer to point to your cluster's worker nodes.
3. Expose deployments using a LoadBalancer type Service.
4. Verify that the load balancer routes traffic to the deployments.
Hope this helps! Let me know if you have any more questions.
@@DevOpsPro thank you for responding. But what about the target group. Like if we have four deployments running inside a cluster for which we have four services as load balancer for each. So, please let me know that do we need to expose different service ports for each service as I think in target group we need to give these service ports of all four service files so that the traffic can route to each different service through their ports.
Yes, you would need to expose different service ports for each service in order to route traffic to the correct deployment through the loadbalancer. Each deployment/service will have its own target group in the loadbalancer configuration, specifying the corresponding service port. This ensures that traffic is correctly routed to each service within the cluster.
@@DevOpsPro thank you so much for clearing the doubts ❤
will u make a video for this
@@DevOpsPro
Hey I have installed the ingress-controller in my minikube-cluster i am not getting which ip I should provide in my Godaddy DNS
Is your minikube cluster on your laptop, or some cloud server
please guide me about dns with ingress
Hi Riya,
Can you please organaise the series of video in proper way by topics
Than It will be better for Begginer
Tnanks
We've already organised the videos into a playlist to make it easier for everyone. You can find it here: ua-cam.com/play/PLY63ZQr2Y5BHkJJhwPjJuJ41CIyv3m7Ru.html
ma'am please come with some production grade projects, eg: microservices , multi tier applications on kubernetes. please choose good project source code
Thank you for your suggestion! We're actively working on bringing production-grade projects to the channel. Stay tuned for exciting content updates.
Where we need to point this subdomain. mean IP or Endpoint ? Where your VMs is created. AWS EC2 and or another cloud ? kindly explain in case of 3 Node HA Cluster. Or in case of AWS EKS use ELB to Expose application.
What happen if i setup 3 EC2 Node. How to expose service on my domain with Https.?
Please answer
You'll need to point the subdomain to the IP or endpoint where your Kubernetes cluster resides. If you're using AWS EC2, it would be the IP of your EC2 instances; for AWS EKS, you'd typically use an ELB. In a 3-node HA cluster, ensure your Ingress controller is highly available. For HTTPS, follow the steps in the video to set up SSL certificates with cert-manager.
I am facing error port 80 connection refused to connect
kya ye sab hum helm chart se bhi kar sakte hai
Does this certificate expire? if yes, how do we update these certs?
How to use the same architecture configuration with multi node cluster?
Use loadbalancer type ingress.
here why we use clusterip service from my understanding we need to use node port service
ClusterIP is used for internal communication within the cluster, making services accessible only inside the cluster. NodePort, on the other hand, exposes the service externally on a specific port of each node. Use ClusterIP for internal services and NodePort when external access is needed.
Thanks a lot!!!
to create A record , do we need to update /etc/hosts file
If you have actually purchased a domain, you'll need to add the A record from your DNS provider (from where you purchased the domain by default). But if you want to test on your local system without actually purchasing the domain, you can add that entry to /etc/hosts file.
Jaisa apne bola wo sab Kara par na meri site najar aai na SSL jabki koi error bhi nhi dekh Raha or sab wesa hi hai jaisa hona chahiye par site nhi dekh Rahi na SSL
Hi Madam how to remove an existing domain from ingress.
You can delete an existing domain from your Ingress by editing your Ingress resource and removing the domain from the spec.rules.host
Kya in sabko ek hi namespace main rakhna hai kya ya kis ka namespace hum allg kar sakte hai
EK hi me
@@DevOpsPro mujhe kuch services ke namespace aalg karne hai but ingress ip ek hi chahiye, main kya kar sakta hu
awesome
Can I need to buy a multiple domains for this practicals
no
custom domains not accessible in browser
what is the problem i am installed in local clusters set up
good
lovely...
crystal clear.
nice one, ty
hi iam getting false error when i use this cmd kubectl get certificate
Please share error details
@@DevOpsPro I resolve the error.. We should configure dns then only it issues the certificate .. thanks for the reply 🥰
Great
❤❤
very informative, but ma'am mai bs single hi like kr paonga. bhot sara like k liea to kuch alg algo use krni pdegie.
how i get docker image
hub.docker.com/u/devopsprosamples
Could you please use English since so many wants to utilise your knowledge
I have an english channel also, will definitely upload k8s playlist over there.
Hi I am getting false error when i use this cmd kubectl get certificate.
kubectl get certificate
NAME READY SECRET AGE
tls-secret False tls-secret 13s
even I have attached dns.
It seems like there might be an issue with the certificate configuration or the DNS attachment. Double-check your certificate setup and ensure that the DNS is correctly configured. If the issue persists, reviewing the logs or events associated with the certificate might provide more insight into the problem.
@@DevOpsPro i am also facing same issue.....error is of challenge is Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200'