본문 바로가기
Compute/kubernetis

31. 새로 추가된 시험 유형 - 2 / Gateway API Migration

by 조청유곽 2025. 11. 6.
반응형

[Question]

Migrate an existing web application from Ingress to Gateway API. We must maintain HTTP Success. 
A GatewayClass name nginx is installed in the cluster.

First, create a Gateway named web-gateway with hostname gateway.web.k8s.local that maintains 
the existing TLS and listener configuration from the existing ingress resource named web.
Next, create an HTTPRoute named web-route with hostname gateway.web.k8s.local that maintains 
the existing routing rules from the current Ingress resource named web.

You can test your Gateway API configuration with the following command:
[candidate@cka2025] $ curl https: //gateway.web.k8s.local

Finally, delete the existing Ingress resource named web.

 

 

[Precondition]

(1) 테스트에 사용할 ingress, deployment, namespace, service 생성 

---
apiVersion: v1
kind: Namespace
metadata:
  name: web
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-app
  namespace: web
spec:
  replicas: 2
  selector:
    matchLabels:
      app: web-app
  template:
    metadata:
      labels:
        app: web-app
    spec:
      containers:
        - name: nginx
          image: nginx:1.25-alpine
          ports:
            - containerPort: 80
          readinessProbe:
            httpGet:
              path: /
              port: 80
            initialDelaySeconds: 2
            periodSeconds: 5
          livenessProbe:
            httpGet:
              path: /
              port: 80
            initialDelaySeconds: 5
            periodSeconds: 10
---
apiVersion: v1
kind: Service
metadata:
  name: web-svc
  namespace: web
spec:
  selector:
    app: web-app
  ports:
    - name: http
      port: 80
      targetPort: 80
  type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web
  namespace: web
  annotations:
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - gateway.web.k8s.local
      secretName: web-tls
  rules:
    - host: gateway.web.k8s.local
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: web-svc
                port:
                  number: 80

 

 

(2) 테스트에 사용할 TLS secret 생성

# 1) 키/인증서 생성
openssl req -x509 -nodes -newkey rsa:2048 \
  -subj "/CN=gateway.web.k8s.local" \
  -keyout tls.key -out tls.crt -days 365

# 2) 시크릿 생성
kubectl -n web create secret tls web-tls --cert=tls.crt --key=tls.key
kubectl apply -f prereq-ingress-web.yaml
kubectl -n web rollout status deploy/web-app
kubectl -n web get ingress web

 

 

[Solve]

- gateway 생성 / https, 443 포트 변경

- httproute 생성 /  

반응형
저작자표시 비영리 변경금지 (새창열림)

'Compute > kubernetis' 카테고리의 다른 글

31. 새로 추가된 시험 유형 - 4 / CNI 플러그인 설치 Flannel, Calico  (0) 2025.11.06
31. 새로 추가된 시험 유형 - 3 / HPA 생성  (0) 2025.11.06
31. 새로 추가된 시험 유형 - 1 / configmap 수정  (0) 2025.11.06
쿠버네티스 kubernetis 환경에서의 인터페이스 구성 ovs / veth / bridge  (0) 2025.04.07
[따배씨] 30. Network Policy / CKA 시험 문제 학습  (0) 2025.02.01

관련글

티스토리툴바