examples/otel-demo/ingress/README.md
This directory contains the HTTPS ingress configurations for exposing the observability stack services via NGINX ingress controller with Let's Encrypt SSL certificates.
clusterissuer-letsencrypt-prod.yaml - Let's Encrypt certificate issuer (already deployed)ingress-jaeger.yaml - Exposes Jaeger UI and HotROD demoingress-opensearch.yaml - Exposes OpenSearch Dashboardsingress-otel-demo.yaml - Exposes OTel Demo Shop (frontend-proxy)| Service | URL | Backend Service | Port |
|---|---|---|---|
| Jaeger UI | https://jaeger.demo.jaegertracing.io | jaeger-query-clusterip | 16686 |
| HotROD Demo | https://hotrod.demo.jaegertracing.io | jaeger-hotrod | 80 |
| OpenSearch Dashboards | https://opensearch.demo.jaegertracing.io | opensearch-dashboards | 5601 |
| OTel Demo Shop | https://shop.demo.jaegertracing.io | frontend-proxy | 8080 |
| Load Generator | https://shop.demo.jaegertracing.io/loadgen/ | (via frontend-proxy) | 8080 |
Certificates are automatically managed by cert-manager using the Let's Encrypt production issuer.
kubectl get certificates --all-namespaces
jaeger-demo-tls (namespace: jaeger)opensearch-demo-tls (namespace: opensearch)otel-demo-tls (namespace: otel-demo)kubectl delete certificate <cert-name> -n <namespace>
# Certificate will be automatically recreated
All hostnames must resolve to the NGINX ingress controller external IP:
jaeger.demo.jaegertracing.io -> 170.9.51.232
hotrod.demo.jaegertracing.io -> 170.9.51.232
opensearch.demo.jaegertracing.io -> 170.9.51.232
shop.demo.jaegertracing.io -> 170.9.51.232
Verify DNS:
dig jaeger.demo.jaegertracing.io +short
kubectl get ingress --all-namespaces
kubectl describe ingress <name> -n <namespace>
kubectl describe certificate <cert-name> -n <namespace>
kubectl get certificaterequest -n <namespace>
kubectl get challenge -n <namespace>
kubectl logs -n ingress-nginx -l app.kubernetes.io/name=ingress-nginx