Ingress
Be careful when thinking about an "Ingress Resource"! This should not be confused with the actual "Ingress Controller", which is just a pod running nginx that performs traffic routing as if you were performing a bunch of re-writes.
Setting up Basic Auth is pretty straightforward as you only need to generate the htpasswd token and create the kubernetes secret before creating your ingress resource. If the htpasswd command isn't present on your machine you can install it with apt-get install apache2-utils.
create-secret.sh
htpasswd -cb auth $(USERNAME) $(PASSWORD)kubectl create secret generic "nginx-ingress-basic-auth" --from-file="auth"The secret created will look like this:apiVersion: v1kind: Secretmetadata: name: nginx-ingress-basic-authtype: Opaquedata: auth: dXNlcjp5LWJhc2g1LkQuRlJTdDlvU0tieDByN2pFaXJiaHEuSmNLaUZScUJWRw==
ingress.yaml
apiVersion: extensions/v1beta1kind: Ingressmetadata: name: <hostname> annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/auth-type: basic nginx.ingress.kubernetes.io/auth-secret: nginx-ingress-basic-auth nginx.ingress.kubernetes.io/auth-realm: "Authentication Required - foo"spec: tls: - hosts: - <hostname> secretName: <tls secret name> rules: - host: $HOST http: paths: - path: /service-a backend: serviceName: my-service-a servicePort: 80 - path: /service-b backend: serviceName: my-service-b servicePort: 80
ingress-sticky.yaml
apiVersion: extensions/v1beta1 kind: Ingressmetadata: name: nginx-test-sticky annotations: kubernetes.io/ingress.class: "nginx" ingress.kubernetes.io/affinity: "cookie" ingress.kubernetes.io/session-cookie-name: "route" ingress.kubernetes.io/session-cookie-hash: "sha1"spec: rules: - host: $HOST http: paths: - path: / backend: serviceName: $SERVICE_NAME servicePort: $SERVICE_PORT
