Step 3 – Installing Essential Components
Component | Purpose |
---|---|
Nginx Ingress Controller | Exposing HTTP/HTTPS services |
Cert-Manager | Managing TLS certificates (Let’s Encrypt) |
Kubernetes Dashboard | Web management interface |
4.1 – NGINX Ingress Controller
```
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.10.1/deploy/static/provider/cloud/deploy.yaml
```
Wait for the pods to become ready:
```
kubectl get pods -n ingress-nginx -w
```
For external access, create a LoadBalancer or a NodePort with a fixed IP via MetalLB or Ingress IP.
🧩 4.2 – Install Cert-Manager
```
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.yaml
```
Check that the pods have started:
```
kubectl get pods -n cert-manager
```
Optional: create a ClusterIssuer for Let’s Encrypt:
```
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    # Placeholder: the address is redacted on the page; use your own contact e-mail
    email: "<your-email-address>"
    server: https://acme-v02.api.letsencrypt.org/directory
    # Secret in which cert-manager stores the ACME account private key
    privateKeySecretRef:
      name: letsencrypt-prod
    solvers:
      - http01:
          ingress:
            class: nginx
```
Save it as cluster-issuer.yaml and apply:
```
kubectl apply -f cluster-issuer.yaml
```
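🧩 4.3 – Install Kubernetes Dashboard
```
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
```
Create a Service Account with admin access:
```
kubectl create serviceaccount admin-user -n kubernetes-dashboard
kubectl create clusterrolebinding admin-user-binding \
  --clusterrole=cluster-admin \
  --serviceaccount=kubernetes-dashboard:admin-user
```
Get the access token:
```
# Kubernetes 1.24+ no longer auto-creates token Secrets for service accounts;
# request a short-lived token instead:
kubectl -n kubernetes-dashboard create token admin-user

# On clusters older than 1.24, read the auto-generated Secret:
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
```
Expose via ingress:
```
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: dashboard
  namespace: kubernetes-dashboard
  annotations:
    # The Dashboard service speaks HTTPS, so the controller must proxy with TLS
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
  # Selects the ingress-nginx controller installed in 4.1 (IngressClass "nginx")
  ingressClassName: nginx
  rules:
    - host: dashboard.seudominio.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: kubernetes-dashboard
                port:
                  number: 443
```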
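As an added example (not part of the original tutorial), the manifest below is the same Dashboard Ingress with a certificate requested from the letsencrypt-prod ClusterIssuer of 4.2 and access limited to a source range, followed by a read-only binding for admin-user in place of cluster-admin. The Secret name dashboard-tls, the range 203.0.113.0/24 and the binding name admin-user-view are assumptions.

```yaml
# Added example. Assumed values: dashboard-tls, 203.0.113.0/24, admin-user-view.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: dashboard
  namespace: kubernetes-dashboard
  annotations:
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    # Ask cert-manager to issue the certificate from the ClusterIssuer in 4.2.
    cert-manager.io/cluster-issuer: letsencrypt-prod
    # Admit clients from this range only (documentation CIDR, replace it).
    nginx.ingress.kubernetes.io/whitelist-source-range: "203.0.113.0/24"
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - dashboard.seudominio.com
      secretName: dashboard-tls   # cert-manager creates and renews this Secret
  rules:
    - host: dashboard.seudominio.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: kubernetes-dashboard
                port:
                  number: 443
---
# Read-only alternative to the cluster-admin binding: the built-in "view"
# ClusterRole cannot read Secrets or modify any resource.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user-view
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: view
subjects:
  - kind: ServiceAccount
    name: admin-user
    namespace: kubernetes-dashboard
```

With the view binding in place, delete admin-user-binding so the token stops carrying cluster-admin; `kubectl get certificate -n kubernetes-dashboard` shows when the certificate has been issued.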
🧩 4.4 – Install Prometheus and Grafana (via kube-prometheus-stack)
```
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
kubectl create namespace monitoring
helm install prometheus prometheus-community/kube-prometheus-stack -n monitoring
```
To access Grafana:
```
kubectl get svc -n monitoring
kubectl get secret -n monitoring prometheus-grafana -o jsonpath="{.data.admin-password}" | base64 --decode
```
🧩 4.5 – Install ArgoCD (GitOps)
```
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
```
Create an ingress for external access:
```
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: argocd-ingress
  namespace: argocd
spec:
  # Selects the ingress-nginx controller installed in 4.1 (IngressClass "nginx")
  ingressClassName: nginx
  rules:
    - host: argocd.seudominio.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: argocd-server
                port:
                  number: 80
```
Get the admin password:
```
kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | base64 -d
```
✅ Step Complete
At this point you have a cluster with:
- External access via Ingress
- Automatic TLS via Let’s Encrypt
- Administrative dashboard
- Monitoring with Prometheus and Grafana
- GitOps with ArgoCD
🔜 Next Step (Optional):
Step 5 – Install MetalLB or an external Ingress with fixed IPs on-premises