HOWTO
https://helm.sh/docs/intro/install/#from-script
https://helm.sh/docs/intro/using_helm/
https://github.com/kubernetes/ingress-nginx
https://kubernetes.github.io/ingress-nginx/deploy/#using-helm
Install Helm
daniel_veselka@cloudshell:~ (genial-acronym-295114)$ curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
daniel_veselka@cloudshell:~ (genial-acronym-295114)$ chmod 700 get_helm.sh
daniel_veselka@cloudshell:~ (genial-acronym-295114)$ ./get_helm.sh
Helm v3.4.0 is available. Changing from version v3.2.1.
Downloading https://get.helm.sh/helm-v3.4.0-linux-amd64.tar.gz
Verifying checksum... Done.
Preparing to install helm into /usr/local/bin
helm installed into /usr/local/bin/helm
daniel_veselka@cloudshell:~ (genial-acronym-295114)$ helm version
version.BuildInfo{Version:"v3.4.0", GitCommit:"7090a89efc8a18f3d8178bf47d2462450349a004", GitTreeState:"clean", GoVersion:"go1.14.10"}
Install Ingress
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm install my-release ingress-nginx/ingress-nginx
daniel_veselka@cloudshell:~ (genial-acronym-295114)$ POD_NAME=$(kubectl get pods -l app.kubernetes.io/name=ingress-nginx -o jsonpath='{.items[0].metadata.name}')
daniel_veselka@cloudshell:~ (genial-acronym-295114)$ kubectl exec -it $POD_NAME -- /nginx-ingress-controller --version
-------------------------------------------------------------------------------
NGINX Ingress controller
Release: v0.41.0
Build: f3a6b809bd4bb6608266b35cf5b8423bf107d7bc
Repository: https://github.com/kubernetes/ingress-nginx
nginx version: nginx/1.19.4
-------------------------------------------------------------------------------
Configure user access - service accounts and roles
k8s namespaces on GCP
daniel_veselka@cloudshell:~ (genial-acronym-295114)$ kubectl get namespaces
NAME STATUS AGE
default Active 15h
kube-node-lease Active 15h
kube-public Active 15h
kube-system Active 15h
Configure roles - not required with Helm3 - tiller removed
daniel_veselka@cloudshell:~ (genial-acronym-295114)$ kubectl create serviceaccount --namespace kube-system tiller
serviceaccount/tiller created
daniel_veselka@cloudshell:~ (genial-acronym-295114)$ kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-systen:tiller
clusterrolebinding.rbac.authorization.k8s.io/tiller-cluster-rule created
HTTPS configuration
- https://github.com/StephenGrider/multi-k8s/blob/master/k8s/certificate.yaml
- https://github.com/StephenGrider/multi-k8s/blob/master/k8s/issuer.yaml