Placidina/mtls

POC - Nginx Ingress Controller mTLS

Mutual TLS Authentication

POC for Nginx ingress controller mTLS.

Requirements

• Ansible >= 2.10
  • Ansible Galaxy Packages:
    • community.kubernetes
• Helm >= v3
• Kubectl
• kind
• Make
• Docker

Usage

If exists kind network IP set in manifests/metallb-configmap.yml:12.

make

If not seted kind network IP, update manifest manifests/metallb-configmap.yml:12 and apply.

Discovery kind network IP, run docker network inspect -f '{{.IPAM.Config}}' kind

Add nginx ingress ip in you /etc/hosts

# /etc/hosts

172.25.30.1 placidina.int

Discovery ingress IP, run kubectl get svc -n ingress

Makefile:

Argument	Description
create	Create a certificates and cluster
destroy	Destroy cluster
test	Test authenticated mTLS request

About

• Kind
  • LoadBalancer
• MetalLB
• Certificates
• Nginx Ingress Controller mTLS