Caddy Ingress Controller

This is the Kubernetes Ingress Controller for Caddy. It includes functionality for monitoring Ingress resources on a Kubernetes cluster and includes support for providing automatic HTTPS certificates for all hostnames defined in ingress resources that it is managing.

Prerequisites

Helm 3+
Kubernetes 1.19+

Setup

In the charts folder a Helm Chart is provided to make installing the Caddy Ingress Controller on a Kubernetes cluster straight forward. To install the Caddy Ingress Controller adhere to the following steps:

Create a new namespace in your cluster to isolate all Caddy resources.

kubectl create namespace caddy-system

Install the Helm Chart.

helm install \
  --namespace=caddy-system \
  --repo https://caddyserver.github.io/ingress/ \
  --atomic \
  mycaddy \
  caddy-ingress-controller

Or

Generate kubernetes yaml file.

git clone https://github.com/caddyserver/ingress.git
cd ingress

# generate the yaml file
helm template mycaddy ./charts/caddy-ingress-controller \
  --namespace=caddy-system \
  > mycaddy.yaml

# apply the file
kubectl apply -f mycaddy.yaml

This will create a service of type LoadBalancer in the caddy-system namespace on your cluster. You'll want to set any DNS records for accessing this cluster to the external IP address of this LoadBalancer when the external IP is provisioned by your cloud provider.

You can get the external IP address with kubectl get svc -n caddy-system

Debugging

To view any logs generated by Caddy or the Ingress Controller you can view the pod logs of the Caddy Ingress Controller.

Get the pod name with:

kubectl get pods -n caddy-system

View the pod logs:

kubectl logs <pod-name> -n caddy-system

Automatic HTTPS

To enable automatic https via ingress controller using Let's Encrypt you can set the argument ingressController.autotls=true and the email to use ingressController.email=your@email.com on the caddy ingress controller helm chart values.

Example:

--set ingressController.autotls=true
--set ingressController.email=your@email.com

when you execute the helm-chart installation.

Bringing Your Own Certificates

If you would like to disable automatic HTTPS for a specific host and use your own certificates you can create a new TLS secret in Kubernetes and define what certificates to use when serving your application on the ingress resource.

Example:

Create TLS secret mycerts, where ./tls.key and ./tls.crt are valid certificates for test.com.

kubectl create secret tls mycerts --key ./tls.key --cert ./tls.crt

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: example
  annotations:
    kubernetes.io/ingress.class: caddy
spec:
  rules:
  - host: test.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: test
            port:
              number: 8080
  tls:
    - secretName: mycerts # use mycerts for host test.com
      hosts:
        - test.com

Contribution

Learn how to start contribution on the Contributing Guidline.

License

Apache License 2.0

Name		Name	Last commit message	Last commit date
Latest commit History 44 Commits
.github/workflows		.github/workflows
charts/caddy-ingress-controller		charts/caddy-ingress-controller
cmd/caddy		cmd/caddy
internal		internal
kubernetes/sample		kubernetes/sample
pkg		pkg
.gitignore		.gitignore
CONTRIBUTING.md		CONTRIBUTING.md
Dockerfile		Dockerfile
LICENSE.txt		LICENSE.txt
Makefile		Makefile
README.md		README.md
ct.yaml		ct.yaml
go.mod		go.mod
go.sum		go.sum
skaffold.yaml		skaffold.yaml

License

indiereign/ingress

Folders and files

Latest commit

History

Repository files navigation

Caddy Ingress Controller

Prerequisites

Setup

Debugging

Automatic HTTPS

Bringing Your Own Certificates

Contribution

License

About

Resources

License

Stars

Watchers

Forks

Languages