  • Stars: 636
  • Rank: 70,723 (Top 2 %)
  • Language: Go
  • License: Apache License 2.0
  • Created over 5 years ago
  • Updated 2 months ago

Repository Details

WIP Caddy 2 ingress controller for Kubernetes

Caddy Ingress Controller

This is the Kubernetes Ingress Controller for Caddy. It includes functionality for monitoring Ingress resources on a Kubernetes cluster and includes support for providing automatic HTTPS certificates for all hostnames defined in ingress resources that it is managing.

Prerequisites

  • Helm 3+
  • Kubernetes 1.19+

Setup

In the charts folder a Helm Chart is provided to make installing the Caddy Ingress Controller on a Kubernetes cluster straightforward. To install the Caddy Ingress Controller, follow these steps:

  1. Create a new namespace in your cluster to isolate all Caddy resources.
kubectl create namespace caddy-system
  2. Install the Helm Chart.
helm install \
  --namespace=caddy-system \
  --repo https://caddyserver.github.io/ingress/ \
  --atomic \
  mycaddy \
  caddy-ingress-controller

Or

  1. Generate the Kubernetes YAML file.
git clone https://github.com/caddyserver/ingress.git
cd ingress

# generate the yaml file
helm template mycaddy ./charts/caddy-ingress-controller \
  --namespace=caddy-system \
  > mycaddy.yaml

# apply the file
kubectl apply -f mycaddy.yaml

This will create a service of type LoadBalancer in the caddy-system namespace on your cluster. You'll want to set any DNS records for accessing this cluster to the external IP address of this LoadBalancer when the external IP is provisioned by your cloud provider.

You can get the external IP address with:

kubectl get svc -n caddy-system

Debugging

To view any logs generated by Caddy or the Ingress Controller you can view the pod logs of the Caddy Ingress Controller.

Get the pod name with:

kubectl get pods -n caddy-system

View the pod logs:

kubectl logs <pod-name> -n caddy-system

Automatic HTTPS

To enable automatic HTTPS (not to be confused with On-demand TLS), specify your email in the config map. When using the Helm chart, you can add --set [email protected] when installing.

On-Demand TLS

On-demand TLS can generate SSL certs on the fly and can be enabled in this controller by setting the onDemandTLS config to true:

helm install ...\
  --set ingressController.config.onDemandTLS=true

You can also specify options for the on-demand configuration: onDemandRateLimitInterval, onDemandRateLimitBurst and onDemandAsk.
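An added example, not code from this repository: a minimal allowlist endpoint of the kind onDemandAsk is meant to point at, so that certificates are issued only for hostnames you expect. It assumes onDemandAsk takes the URL of such an endpoint and that Caddy queries it with a GET carrying the requested name in the domain query parameter, as Caddy's on-demand TLS ask option does; the /ask path, the allowedHosts list and the helper names are hypothetical.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// allowedHosts is a constructed allowlist; in practice load it from your own
// source of truth (for example the hosts of the Ingress resources you manage).
var allowedHosts = map[string]bool{"test.com": true, "www.test.com": true}

// normalize lower-cases the name and strips one trailing dot so that
// "Test.COM." and "test.com" compare equal.
func normalize(name string) string {
	return strings.TrimSuffix(strings.ToLower(strings.TrimSpace(name)), ".")
}

// askHandler answers the on-demand TLS "ask" request (assumed shape: a GET
// with the requested name in the "domain" query parameter). A 200 response
// permits issuance; a non-2xx response such as 403 refuses it.
func askHandler(allowed map[string]bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		name := normalize(r.URL.Query().Get("domain"))
		if r.Method != http.MethodGet || name == "" || !allowed[name] {
			http.Error(w, "not allowed", http.StatusForbidden)
			return
		}
		w.WriteHeader(http.StatusOK)
	})
}

// askStatus runs one ask query through the handler and returns the status code.
func askStatus(h http.Handler, domain string) int {
	req := httptest.NewRequest(http.MethodGet, "/ask?domain="+url.QueryEscape(domain), nil)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	h := askHandler(allowedHosts)
	for _, d := range []string{"test.com", "Test.COM.", "unknown.example", ""} {
		fmt.Printf("%-18q -> %d\n", d, askStatus(h, d))
	}
}
```

In a deployment the handler would be served with http.ListenAndServe on an address reachable only from the controller pods, and that URL passed as onDemandAsk.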

Bringing Your Own Certificates

If you would like to disable automatic HTTPS for a specific host and use your own certificates you can create a new TLS secret in Kubernetes and define what certificates to use when serving your application on the ingress resource.

Example:

Create the TLS secret mycerts, where ./tls.key and ./tls.crt are the private key and certificate valid for test.com:

kubectl create secret tls mycerts --key ./tls.key --cert ./tls.crt

Then reference the secret in the tls section of the Ingress resource:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: example
  annotations:
    kubernetes.io/ingress.class: caddy
spec:
  rules:
  - host: test.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: test
            port:
              number: 8080
  tls:
    - secretName: mycerts # use mycerts for host test.com
      hosts:
        - test.com

Contribution

Learn how to start contributing in the Contributing Guideline.

License

Apache License 2.0
