1
00:00:00,810 --> 00:00:08,280
So as we need access to our Cuban and export from outside, we're going to configure interests role

2
00:00:08,670 --> 00:00:10,540
for our Cubana service.

3
00:00:10,770 --> 00:00:12,510
So let's go back to our cluster.

4
00:00:12,750 --> 00:00:18,500
Let's clear this up and let's do keep still get service in here.

5
00:00:18,510 --> 00:00:22,870
You see, we have a Cubana service, which is of cluster IP type.

6
00:00:22,890 --> 00:00:24,630
This is basically an internal service.

7
00:00:24,900 --> 00:00:33,060
It has no public IP address or no public or external access compared to a load balancer type of ingress

8
00:00:33,060 --> 00:00:33,690
controller.

9
00:00:34,230 --> 00:00:37,470
That is basically an external service type.

10
00:00:37,620 --> 00:00:43,680
And here you see the difference is also that it has the cluster internal IP address, but it also has

11
00:00:43,680 --> 00:00:45,120
an external IP address.

12
00:00:45,390 --> 00:00:52,560
And this IP address here that you see is actually the same one as you saw right here.

13
00:00:52,590 --> 00:01:00,270
So this is the same external IP address that the node balancer has, and this will be the entry point

14
00:01:00,270 --> 00:01:01,090
in our cluster.

15
00:01:01,260 --> 00:01:08,010
So in order to make this internal service accessible, we are going to create an ingress component which

16
00:01:08,010 --> 00:01:16,650
will contain a rule for forwarding the request, come and get this IP address to on internal service

17
00:01:17,040 --> 00:01:19,990
and then Kibwana application itself.

18
00:01:20,340 --> 00:01:21,840
So let's go ahead and do that.

19
00:01:21,840 --> 00:01:24,190
Let's create an ingress configuration file.

20
00:01:25,140 --> 00:01:28,190
I already have an ingress file.

21
00:01:28,590 --> 00:01:31,880
So as you see, it's a pretty simple structure.

22
00:01:31,890 --> 00:01:38,320
We have a kind ingress and egress component and in the specification we have a list of rules.

23
00:01:38,520 --> 00:01:45,780
So basically what this one rule here does is it tells Ingress Controller whenever a request comes in

24
00:01:45,960 --> 00:01:48,300
directed to this specific host.

25
00:01:48,300 --> 00:01:50,360
And we're going to specify the value here.

26
00:01:50,670 --> 00:01:57,480
So please direct that request at this host and route path to a backend, which is an internal service.

27
00:01:57,720 --> 00:02:07,050
And the service name is Kibwana honor service name in the port is part of the service, which is this

28
00:02:07,050 --> 00:02:07,650
one right here.

29
00:02:08,910 --> 00:02:13,730
So now they said the value of host host value cannot be an IP address.

30
00:02:13,740 --> 00:02:16,440
It has to be a valid domain address.

31
00:02:16,680 --> 00:02:20,810
In order to get that, we're going to go back to node, to our node balancer.

32
00:02:21,000 --> 00:02:27,540
And if I click inside, along with the IP address here, I have the hostname of the node balancer.

33
00:02:28,260 --> 00:02:31,280
So this is going to be our host value.

34
00:02:31,830 --> 00:02:40,470
So whenever I type this, you're telling the browser request will enter my cluster because this yero

35
00:02:40,470 --> 00:02:48,180
here maps to the IP address of the cluster node balancer or ingress controller, and that's why the

36
00:02:48,180 --> 00:02:50,640
request will land in the cluster.

37
00:02:51,060 --> 00:02:58,320
And once the request is there, in which controller will look at this role and it will see that the

38
00:02:58,320 --> 00:03:03,690
request needs to be forwarded to keep honor service at Port five thousand six hundred one.

39
00:03:03,900 --> 00:03:08,910
So, of course, when you have your own domain name, like my EB dot com or whatever you can configure

40
00:03:08,910 --> 00:03:16,650
in the DNS settings, the forwarding to this or mapping of your domain name to this IP address so that

41
00:03:16,650 --> 00:03:21,150
people can access the internal service using your domain name.

42
00:03:21,750 --> 00:03:27,110
But we're going to use the one provided out of the box by LYNARD.

43
00:03:27,120 --> 00:03:31,200
And now this creates or apply this ingress.

44
00:03:32,880 --> 00:03:44,040
So from here it's through keeps the teleplay ingress and I can check the ingress components.

45
00:03:44,040 --> 00:03:45,660
Using CubeSat, he'll get ingress.

46
00:03:45,960 --> 00:03:50,940
And here I see the details, the address or the IP address of.

47
00:03:52,120 --> 00:03:55,000
These hostname will also appear here.

48
00:03:55,570 --> 00:03:58,180
So now let's actually copy that euro.

49
00:03:59,660 --> 00:04:02,240
And enter it in the browser.

50
00:04:04,090 --> 00:04:11,050
And here you see our Caivano dashboard also in a realistic case, you would have your domain name secure,

51
00:04:11,050 --> 00:04:15,170
so you would want connection to always be through HTP.

52
00:04:15,190 --> 00:04:16,120
S protocol.

53
00:04:16,330 --> 00:04:20,050
And that's also pretty easy to configure using ingress.

54
00:04:20,170 --> 00:04:26,770
So basically, provided that you have your domain names, secure certificate already, you can also

55
00:04:26,770 --> 00:04:32,740
easily configure that in ingress using an attribute called Telx.

56
00:04:32,920 --> 00:04:38,830
So basically you create a secret containing your certificate and then you reference it here.

57
00:04:38,830 --> 00:04:43,270
So you have the hosts here and on the second line you have the secret name.

58
00:04:43,450 --> 00:04:45,550
So it's pretty easy to do.

59
00:04:45,700 --> 00:04:51,040
Important to note that these HTP is not actually the one that you see here.

60
00:04:51,310 --> 00:04:53,510
This is the second level.

61
00:04:53,530 --> 00:05:01,380
So basically the request coming from the browser to our host is by default, HTP.

62
00:05:01,390 --> 00:05:02,820
So it's not configured here.

63
00:05:03,040 --> 00:05:08,680
And this is basically forwarding between the Ingress controller and the service.

64
00:05:08,680 --> 00:05:12,630
So internal request forwarding is through HTP protocol.

65
00:05:13,480 --> 00:05:15,460
So not to confuse those two.