colossus06/nginx-ingress-cert-manager.txt Secret

## nginx-ingress-cert-manager.txt
#Gist
#repo for the files: https://github.com/colossus06/Kuberada-Blog-Labs/tree/main/argocd


export DOMAIN_NAME=<your_domain>
export EMAIL=<your_email>
export AZ_RG=<resource_group>
export CLUSTER=<cluster_name>
export INGRESS_NAMESPACE=nginx-ingress

echo $ARGO_REPO $GH_ADMIN $GITHUB_ORG $AZ_RG $CLUSTER
az aks get-credentials --resource-group $AZ_RG --name $CLUSTER
#Create a namespace for ingress resources
kubectl create namespace $INGRESS_NAMESPACE

#Add the Helm repository
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update

#Use Helm to deploy an NGINX ingress controller
helm upgrade --install ingress-nginx ingress-nginx \
  --repo https://kubernetes.github.io/ingress-nginx \
  --namespace $INGRESS_NAMESPACE \
  --set controller.config.http2=true \
  --set controller.config.http2-push="on" \
  --set controller.config.http2-push-preload="on" \
  --set controller.ingressClassByName=true \
  --set controller.ingressClassResource.controllerValue=k8s.io/ingress-nginx \
  --set controller.ingressClassResource.enabled=true \
  --set controller.ingressClassResource.name=public \
  --set controller.service.externalTrafficPolicy=Local \
  --set controller.setAsDefaultIngress=true


kubectl wait --namespace $INGRESS_NAMESPACE \
  --for=condition=ready pod \
  --selector=app.kubernetes.io/component=controller \
  --timeout=120s

#a ingress pod will be coming up in nginx-ingress namespace
kubectl get pods -n $INGRESS_NAMESPACE

#Label the cert-manager namespace to disable resource validation
kubectl label namespace $INGRESS_NAMESPACE cert-manager.io/disable-validation=true
helm repo add cert-manager https://charts.jetstack.io
helm repo update

helm search repo cert-manager
#Install CRDs with kubectl
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.crds.yaml
#Install the cert-manager Helm chart
helm install cert-manager cert-manager/cert-manager \
  --namespace $INGRESS_NAMESPACE \
  --version v1.14.4


envsubst < cluster-issuer.yaml | kubectl apply -f - -n $INGRESS_NAMESPACE
kubectl get clusterissuer
dig $DOMAIN_NAME ns +trace +nodnssec

kubectl apply -f kubernetes-manifests.yaml -n $INGRESS_NAMESPACE
envsubst < ingress.yaml | kubectl apply -f - -n $INGRESS_NAMESPACE
kubectl get svc -n $INGRESS_NAMESPACE

kubectl get ing -n $INGRESS_NAMESPACE

kubectl patch -n $INGRESS_NAMESPACE ingress cm-acme-http-solver-rcj45 --type merge -p '{"spec": {"ingressClassName": "public"}}'


kubectl get ing -n $INGRESS_NAMESPACE
kubectl get cert -n $INGRESS_NAMESPACE
curl -v https://$DOMAIN_NAME
	#Gist
	#repo for the files: https://github.com/colossus06/Kuberada-Blog-Labs/tree/main/argocd


	export DOMAIN_NAME=<your_domain>
	export EMAIL=<your_email>
	export AZ_RG=<resource_group>
	export CLUSTER=<cluster_name>
	export INGRESS_NAMESPACE=nginx-ingress

	echo $ARGO_REPO $GH_ADMIN $GITHUB_ORG $AZ_RG $CLUSTER
	az aks get-credentials --resource-group $AZ_RG --name $CLUSTER
	#Create a namespace for ingress resources
	kubectl create namespace $INGRESS_NAMESPACE

	#Add the Helm repository
	helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
	helm repo update

	#Use Helm to deploy an NGINX ingress controller
	helm upgrade --install ingress-nginx ingress-nginx \
	--repo https://kubernetes.github.io/ingress-nginx \
	--namespace $INGRESS_NAMESPACE \
	--set controller.config.http2=true \
	--set controller.config.http2-push="on" \
	--set controller.config.http2-push-preload="on" \
	--set controller.ingressClassByName=true \
	--set controller.ingressClassResource.controllerValue=k8s.io/ingress-nginx \
	--set controller.ingressClassResource.enabled=true \
	--set controller.ingressClassResource.name=public \
	--set controller.service.externalTrafficPolicy=Local \
	--set controller.setAsDefaultIngress=true


	kubectl wait --namespace $INGRESS_NAMESPACE \
	--for=condition=ready pod \
	--selector=app.kubernetes.io/component=controller \
	--timeout=120s

	#a ingress pod will be coming up in nginx-ingress namespace
	kubectl get pods -n $INGRESS_NAMESPACE

	#Label the cert-manager namespace to disable resource validation
	kubectl label namespace $INGRESS_NAMESPACE cert-manager.io/disable-validation=true
	helm repo add cert-manager https://charts.jetstack.io
	helm repo update

	helm search repo cert-manager
	#Install CRDs with kubectl
	kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.crds.yaml
	#Install the cert-manager Helm chart
	helm install cert-manager cert-manager/cert-manager \
	--namespace $INGRESS_NAMESPACE \
	--version v1.14.4


	envsubst < cluster-issuer.yaml \| kubectl apply -f - -n $INGRESS_NAMESPACE
	kubectl get clusterissuer
	dig $DOMAIN_NAME ns +trace +nodnssec

	kubectl apply -f kubernetes-manifests.yaml -n $INGRESS_NAMESPACE
	envsubst < ingress.yaml \| kubectl apply -f - -n $INGRESS_NAMESPACE
	kubectl get svc -n $INGRESS_NAMESPACE

	kubectl get ing -n $INGRESS_NAMESPACE

	kubectl patch -n $INGRESS_NAMESPACE ingress cm-acme-http-solver-rcj45 --type merge -p '{"spec": {"ingressClassName": "public"}}'


	kubectl get ing -n $INGRESS_NAMESPACE
	kubectl get cert -n $INGRESS_NAMESPACE
	curl -v https://$DOMAIN_NAME