@iammuho
Created April 23, 2024 06:07
How to set up Nginx Ingress with AWS Load Balancer Controller
# Project Setup Guide
This document outlines the steps taken to configure and deploy a Kubernetes environment utilizing an AWS Load Balancer and NGINX Ingress Controller via Helm charts.
## Step 1: Create a New Helm Chart
A new Helm chart is created to function as a wrapper, allowing the deployment of the AWS Load Balancer and NGINX Ingress Controller Helm charts together. This setup uses Helm's dependency management capabilities.
### Chart Details
```
apiVersion: v2
name: ingress-nginx
description: A Helm chart for Kubernetes NGINX Ingress Controller
type: application
version: 1.0.0
dependencies:
  - name: aws-load-balancer-controller
    version: 1.7.1
    repository: https://aws.github.io/eks-charts
  - name: ingress-nginx
    version: 4.10.0
    repository: https://kubernetes.github.io/ingress-nginx
```
## Step 2: Update Values
The values for the chart are set according to the latest configurations stored in the repository. These values guide the deployment parameters for both the load balancer and ingress controller.
**Note:** The most up-to-date values are maintained in the repository.
## Step 3: Modify Deployment Configuration
The `deployment.yaml` file is adapted to integrate GitHub Actions, supporting deployments across custom namespaces. This modification enhances the CI/CD pipeline's flexibility by accommodating various deployment scenarios.
The most recent version of the `deployment.yaml` file can be found in the repository.
We deployed the `deployment.yaml` file using the GitHub Actions workflow with the following inputs:
```
Chart Name: ingress-nginx
Namespace: kube-system
```
## Step 4: IAM and Kubernetes Service Account Configuration
An IAM role along with a corresponding policy is created, which is to be assumed by a Kubernetes Service Account. This setup enables the AWS Load Balancer Controller to access AWS resources and manage the creation of load balancers as requested by the NGINX Ingress Controller.
#### Options for Creating Service Account
To create the service account, you have two primary methods:
- **eksctl**: This command-line tool provides a simplified way to create and manage clusters on EKS. For the sake of testing, we use `eksctl` to quickly establish the necessary roles and bindings.
- **awscli or terraform**: These tools can also be used for setting up IAM roles and Kubernetes service accounts, especially suited for integration into scripted workflows or infrastructure as code practices.
#### Command Usage
For testing purposes, the up-to-date `eksctl` command used to associate the IAM role with the Kubernetes service account is stored on the bastion host.
#### Further Details
For more information on associating an IAM role with a Kubernetes service account, refer to the AWS EKS user guide:
[https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html](https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html)
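
The role created in this step is only as tight as its trust policy. The following is an added example, not part of the original gist or of any AWS tooling: a small audit that checks whether an IRSA trust policy pins the `sub` and `aud` claims so that only one service account can assume the role. The account ID, OIDC provider ID and the service account name `aws-load-balancer-controller` are constructed placeholders; the `kube-system` namespace and `eu-central-1` region follow the page.

```python
# Constructed placeholders (assumptions): account ID, OIDC provider ID and the
# service account name are not given on the page.
OIDC = "oidc.eks.eu-central-1.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE"
PROVIDER_ARN = "arn:aws:iam::111122223333:oidc-provider/" + OIDC
SUBJECT = "system:serviceaccount:kube-system:aws-load-balancer-controller"


def _as_list(value):
    """IAM allows a scalar or a list in most fields; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def audit_irsa_trust(policy, oidc=OIDC, subject=SUBJECT):
    """Return findings for an IRSA trust policy; an empty list means it is scoped."""
    findings = []
    web = [s for s in _as_list(policy.get("Statement"))
           if s.get("Effect") == "Allow"
           and "sts:AssumeRoleWithWebIdentity" in _as_list(s.get("Action"))]
    if not web:
        return ["no Allow statement for sts:AssumeRoleWithWebIdentity"]
    for stmt in web:
        principal = stmt.get("Principal")
        federated = _as_list(principal.get("Federated")) if isinstance(principal, dict) else []
        if not any(arn.endswith(":oidc-provider/" + oidc) for arn in federated):
            findings.append("principal is not the cluster's OIDC provider")
        exact = stmt.get("Condition", {}).get("StringEquals", {})
        if _as_list(exact.get(oidc + ":sub")) != [subject]:
            findings.append("sub is not pinned to one service account with StringEquals")
        if _as_list(exact.get(oidc + ":aud")) != ["sts.amazonaws.com"]:
            findings.append("aud is not pinned to sts.amazonaws.com")
    return findings


def trust_policy(operator, conditions):
    """Build a constructed sample trust policy for the checks below."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": PROVIDER_ARN},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": {operator: conditions}}]}


SCOPED = trust_policy("StringEquals", {OIDC + ":sub": SUBJECT,
                                       OIDC + ":aud": "sts.amazonaws.com"})
# Wildcard subject: any service account in any namespace could assume the role.
LOOSE = trust_policy("StringLike", {OIDC + ":sub": "system:serviceaccount:*:*"})

if __name__ == "__main__":
    for name, doc in (("scoped", SCOPED), ("loose", LOOSE)):
        print(name, audit_irsa_trust(doc) or "OK")
```

To audit a real role, pass in the parsed `AssumeRolePolicyDocument` along with the cluster's own OIDC provider path and service account subject.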
## Step 5: Configure Route53 DNS Records
DNS records in Amazon Route53 are set up to point to the newly created Network Load Balancer. This step involves configuring the DNS to resolve both the root domain and subdomains to the load balancer.
#### DNS Configuration Steps
1. **Access Route53**: Navigate to the Route53 management console within the AWS environment.
2. **Create New Record**: In the specific Route53 hosted zone, create new DNS records:
   - **Record for Subdomains** (`*.domain.com`):
     - Type: A - Alias
     - Alias Target: Select the Network Load Balancer (NLB) located in `eu-central-1`.
   - **Record for Root Domain** (`domain.com`):
     - Type: A - Alias
     - Alias Target: Choose the same NLB as above.
## Step 6: Deploy a Test Service and Ingress
To verify that the NGINX Ingress Controller and the AWS Load Balancer are correctly configured and functioning, we deploy a test service and set up an ingress to manage its access.
### Deployment Commands
1. **Deploy Test Service**:
Use `kubectl` to create a test service from a predefined configuration hosted on the Kubernetes GitHub repository.
```bash
kubectl create -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/docs/examples/http-svc.yaml
```
2. **Configure Ingress**:
Define an ingress resource to route traffic to the test service. This configuration includes annotations to ensure the path is correctly rewritten.
```yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: minimal-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  ingressClassName: nginx
  rules:
    - http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: http-svc
                port:
                  number: 80
```
### Verify Deployment
After deploying the ingress and service, access the service via the Load Balancer DNS to ensure it's operational.
```bash
wget -qO- http://<LoadBalancerDNS>
```