Etapa 3 – Instalação de Componentes Essenciais Estimated reading: 3 minutes 209 views Contributors ComponenteFinalidadeNginx Ingress ControllerExposição de serviços HTTP/HTTPSCert-ManagerGerenciar certificados TLS (Let’s Encrypt)Kubernetes DashboardInterface web de gerenciamento4.1 – NGINX Ingress Controllerkubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.10.1/deploy/static/provider/cloud/deploy.yamlAguarde os pods ficarem prontos:kubectl get pods -n ingress-nginx -wPara acesso externo, crie um LoadBalancer ou um NodePort com IP fixo via MetalLB ou Ingress IP.🧩 4.2 – Instalar Cert-Managerkubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.yamlVerifique se os pods iniciaram:kubectl get pods -n cert-managerOpcional: criar ClusterIssuer para Let’s Encrypt:apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-prod spec: acme: email: seu-email@dominio.com server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: name: letsencrypt-prod solvers: - http01: ingress: class: nginxSalve como cluster-issuer.yaml e aplique:kubectl apply -f cluster-issuer.yaml🧩 4.3 – Instalar Kubernetes Dashboardkubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yamlCriar Service Account com acesso admin:kubectl create serviceaccount admin-user -n kubernetes-dashboard kubectl create clusterrolebinding admin-user-binding \ --clusterrole=cluster-admin \ --serviceaccount=kubernetes-dashboard:admin-userPegar o token de acesso:kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')Expose via ingress:apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: dashboard namespace: kubernetes-dashboard annotations: nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" spec: rules: - host: dashboard.seudominio.com http: paths: - path: / pathType: Prefix backend: service: name: kubernetes-dashboard port: number: 443🧩 4.4 – Instalar Prometheus e Grafana (via kube-prometheus-stack)helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm repo update kubectl create namespace monitoring helm install prometheus prometheus-community/kube-prometheus-stack -n monitoringPara acessar o Grafana:kubectl get svc -n monitoring kubectl get secret -n monitoring prometheus-grafana -o jsonpath="{.data.admin-password}" | base64 --decode🧩 4.5 – Instalar ArgoCD (GitOps)kubectl create namespace argocd kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yamlCriar ingress para acesso externo:apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: argocd-ingress namespace: argocd spec: rules: - host: argocd.seudominio.com http: paths: - path: / pathType: Prefix backend: service: name: argocd-server port: number: 80Pegar a senha do admin:kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | base64 -d✅ Etapa ConcluídaNeste ponto você tem um cluster com:Acesso externo via IngressTLS automático via Let’s EncryptDashboard administrativoMonitoramento com Prometheus e GrafanaGitOps com ArgoCD🔜 Próxima Etapa (Opcional):Etapa 5 – Instalar MetalLB ou Ingress Externo com IPs fixos no on-premisesDeseja que eu prepare essa etapa também?Posso também preparar manifests YAML prontos ou um repositório GitOps base para você usar no ArgoCD. Deseja seguir por esse caminho?
