JuryA · February 28, 2022 07:46
diff --git a/default-tls-store.yaml b/default-tls-store.yaml
 apiVersion: traefik.containo.us/v1alpha1
 kind: TLSStore
 metadata:
  name: default
  namespace: dev

 spec:
  defaultCertificate:
    secretName: whoami-secret
diff --git a/NOTES.sh b/NOTES.sh
 #!/usr/bin/env bash
 # -*- coding: utf-8 -*-

 # get k8s contexts
 kubectl config get-contexts -o name --no-headers

 # get k8s current context
 kubectl config current-context

 # generate self signed SSL cert - oneliner
 openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \
    -keyout server.key -out server.crt -subj "/CN=kubernetes.127.0.0.1.nip.io" \
    -addext "subjectAltName=DNS:kubernetes.127.0.0.1.nip.io,DNS:whoami.127.0.0.1.nip.io,IP:127.0.0.1"

 # generate self signed SSL cert based on openssl.conf file
 # openssl req -nodes -new -x509 -keyout server.key -out server.crt -config openssl.conf -days 365

 # save SSL cert into k8s secret
 kubectl create secret generic whoami-secret --from-file=tls.crt=./server.crt --from-file=tls.key=./server.key --namespace dev

 # replace k8s secret - TRICKY
 kubectl create secret generic whoami-secret \
    --namespace dev \
    -o yaml --save-config --dry-run=client \
    --from-file=tls.crt=./server.crt --from-file=tls.key=./server.key | kubectl apply -f -

 # Add certificate to Trusted CAs on Windows
 sudo.exe certutil -addstore root ./server.crt

 # Install usbipd (USB device support in WSL 2)
 winget.exe install --interactive --exact dorssel.usbipd-win

 # Get WSL version
 cat /proc/version



 ### Kubernetes: detecting the installed version of nginx ingress
 # namespace of your nginx ingress
 ingress_ns="ingress-nginx"

 # find running pod
 podname=$(kubectl get pods -n $ingress_ns -l app.kubernetes.io/name=ingress-nginx --field-selector=status.phase==Running -o jsonpath='{.items[0].metadata.name}'
 )

 echo "pod name: $podname"

 # invoke controller with version flag
 kubectl exec -it -n $ingress_ns $podname -- /nginx-ingress-controller --version
diff --git a/traefik-debug.yaml b/traefik-debug.yaml
 apiVersion: helm.cattle.io/v1
 kind: HelmChartConfig
 metadata:
  name: traefik
  namespace: kube-system
 spec:
  valuesContent: |-
    additionalArguments:
      - "--log.level=DEBUG"
	apiVersion: traefik.containo.us/v1alpha1
	kind: TLSStore
	metadata:
	name: default
	namespace: dev

	spec:
	defaultCertificate:
	secretName: whoami-secret
	#!/usr/bin/env bash
	# -- coding: utf-8 --

	# get k8s contexts
	kubectl config get-contexts -o name --no-headers

	# get k8s current context
	kubectl config current-context

	# generate self signed SSL cert - oneliner
	openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \
	-keyout server.key -out server.crt -subj "/CN=kubernetes.127.0.0.1.nip.io" \
	-addext "subjectAltName=DNS:kubernetes.127.0.0.1.nip.io,DNS:whoami.127.0.0.1.nip.io,IP:127.0.0.1"

	# generate self signed SSL cert based on openssl.conf file
	# openssl req -nodes -new -x509 -keyout server.key -out server.crt -config openssl.conf -days 365

	# save SSL cert into k8s secret
	kubectl create secret generic whoami-secret --from-file=tls.crt=./server.crt --from-file=tls.key=./server.key --namespace dev

	# replace k8s secret - TRICKY
	kubectl create secret generic whoami-secret \
	--namespace dev \
	-o yaml --save-config --dry-run=client \
	--from-file=tls.crt=./server.crt --from-file=tls.key=./server.key \| kubectl apply -f -

	# Add certificate to Trusted CAs on Windows
	sudo.exe certutil -addstore root ./server.crt

	# Install usbipd (USB device support in WSL 2)
	winget.exe install --interactive --exact dorssel.usbipd-win

	# Get WSL version
	cat /proc/version



	### Kubernetes: detecting the installed version of nginx ingress
	# namespace of your nginx ingress
	ingress_ns="ingress-nginx"

	# find running pod
	podname=$(kubectl get pods -n $ingress_ns -l app.kubernetes.io/name=ingress-nginx --field-selector=status.phase==Running -o jsonpath='{.items[0].metadata.name}'
	)

	echo "pod name: $podname"

	# invoke controller with version flag
	kubectl exec -it -n $ingress_ns $podname -- /nginx-ingress-controller --version
	apiVersion: helm.cattle.io/v1
	kind: HelmChartConfig
	metadata:
	name: traefik
	namespace: kube-system
	spec:
	valuesContent: \|-
	additionalArguments:
	- "--log.level=DEBUG"