Keyfactor
Ingress API version is end-of-live
Hi Had problems deploying the file https://github.com/Keyfactor/ejbca-containers/blob/master/deployment-examples/kubernetes/microk8s/ejbca-ce-with-ingress-and-mariadb.yaml to Azure K8 cluster. The problem occurred around the API version v1beta. Tried to migrate the code to v1 stable, but it needs further testing (I am quite new to K8).
Here is my version
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ejbca-ingress
namespace: ejba-pki-01
annotations:
nginx.ingress.kubernetes.io/ssl-redirect: "false"
# nginx.ingress.kubernetes.io/use-regex annotation: "false"
# Managing the instance with a client TLS certificate will require additional configuration
#nginx.ingress.kubernetes.io/auth-tls-verify-client: "optional"
#nginx.ingress.kubernetes.io/auth-tls-secret: "default/ca-secret"
#nginx.ingress.kubernetes.io/auth-tls-verify-depth: "3"
#nginx.ingress.kubernetes.io/auth-tls-pass-certificate-to-upstream: "true"
# Hook
# nginx.ingress.kubernetes.io/configuration-snippet: |
# proxy_set_header SSL_CLIENT_CERT $ssl_client_cert;
# AJP is available in nginx-ingress-controller:0.18.0 and later
# nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
# nginx.ingress.kubernetes.io/affinity: "cookie"
# nginx.ingress.kubernetes.io/session-cookie-name: "route"
# nginx.ingress.kubernetes.io/session-cookie-hash: "sha1"
# nginx.ingress.kubernetes.io/session-cookie-expires: "1800"
# nginx.ingress.kubernetes.io/session-cookie-max-age: "1800"
ingressclass.kubernetes.io/is-default-class: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
# Ensure that this hostname is resolvable for example in /etc/hosts if you are doing local testing
- http:
paths:
- path: /ejbca
pathType: Prefix
backend:
service:
name: ejbca-backend-service
port:
number: 8082
Did you get it working? Can you make a pull request with that update?
Deployment worked, but there is an issue accessing the front end. Will update the issue after I fix it.
URL to the admin portal
Response I am getting back
--
Question
"Additionally this example assumes that pki.primekey.example to be resolvable from the Ingress." Where should the address point to, or to where should it resolve?
does the readme intend to deploy the app locally? And if yes, what needs to be changed to deploy it to a public cloud?
do you use https:// in the url and not http://? Looking at the error message that would be what I expect, i.s. using wrong protocol.
I got it running but I cannot create a new branch to upload the changes. Can you help me here?
Also I get this message
How can I upgrade to this RA UI version?
To create a new branch and a pull request do the following:
- Fork the Keyfactor repository to your own repo with the "Fork" button on the top right.
- Create a branch in your repository, you can do that in the GitHub UI as well by clicking Branches->New Branch
- Check out your own repository and make changes there, in the new branch you created.
- Push your changes to your own repository branch
- Now in the GitHub repo there should appear a button "create pull request"
- That PR will appear on our repo and we can review it and merge it
The RA UI is there, in the EJBCA Admin UI there is link to it at the bottom left menu.
Hi @kathodion : if you don't want, or can't, create a PR. Just upload your version here and we will take care of it.
Hi @kathodion , if you don't know how to create a PR, you can send me the files as well and I can handle it.