Etapa 3 – Instalação de Componentes Essenciais Estimated reading: 3 minutes 91 views ComponenteFinalidadeNginx Ingress ControllerExposição de serviços HTTP/HTTPSCert-ManagerGerenciar certificados TLS (Let’s Encrypt)Kubernetes DashboardInterface web de gerenciamento 4.1 – NGINX Ingress Controller kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.10.1/deploy/static/provider/cloud/deploy.yaml Aguarde os pods ficarem prontos: kubectl get pods -n ingress-nginx -w Para acesso externo, crie um LoadBalancer ou um NodePort com IP fixo via MetalLB ou Ingress IP. 🧩 4.2 – Instalar Cert-Manager kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.yaml Verifique se os pods iniciaram: kubectl get pods -n cert-manager Opcional: criar ClusterIssuer para Let’s Encrypt: apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-prod spec: acme: email: seu-email@dominio.com server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: name: letsencrypt-prod solvers: - http01: ingress: class: nginx Salve como cluster-issuer.yaml e aplique: kubectl apply -f cluster-issuer.yaml 🧩 4.3 – Instalar Kubernetes Dashboard kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml Criar Service Account com acesso admin: kubectl create serviceaccount admin-user -n kubernetes-dashboard kubectl create clusterrolebinding admin-user-binding \ --clusterrole=cluster-admin \ --serviceaccount=kubernetes-dashboard:admin-user Pegar o token de acesso: kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}') Expose via ingress: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: dashboard namespace: kubernetes-dashboard annotations: nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" spec: rules: - host: dashboard.seudominio.com http: paths: - path: / pathType: Prefix backend: service: name: kubernetes-dashboard port: number: 443 🧩 4.4 – Instalar Prometheus e Grafana (via kube-prometheus-stack) helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm repo update kubectl create namespace monitoring helm install prometheus prometheus-community/kube-prometheus-stack -n monitoring Para acessar o Grafana: kubectl get svc -n monitoring kubectl get secret -n monitoring prometheus-grafana -o jsonpath="{.data.admin-password}" | base64 --decode 🧩 4.5 – Instalar ArgoCD (GitOps) kubectl create namespace argocd kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml Criar ingress para acesso externo: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: argocd-ingress namespace: argocd spec: rules: - host: argocd.seudominio.com http: paths: - path: / pathType: Prefix backend: service: name: argocd-server port: number: 80 Pegar a senha do admin: kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | base64 -d ✅ Etapa Concluída Neste ponto você tem um cluster com: Acesso externo via Ingress TLS automático via Let’s Encrypt Dashboard administrativo Monitoramento com Prometheus e Grafana GitOps com ArgoCD 🔜 Próxima Etapa (Opcional): Etapa 5 – Instalar MetalLB ou Ingress Externo com IPs fixos no on-premises Deseja que eu prepare essa etapa também? Posso também preparar manifests YAML prontos ou um repositório GitOps base para você usar no ArgoCD. Deseja seguir por esse caminho?
