openshift-docs/modules/nw-understanding-networking-security-example.adoc

// Module included in the following assemblies:
//
// * networking/understanding-networking.adoc

:_mod-docs-content-type: PROCEDURE
[id="nw-understanding-networking-security-example_{context}"]
= Example: Exposing applications and securing connections

In this example, a web application running in your cluster needs to be accessed by external users.

. Create a service and expose the application as a service using a service type that suits your needs.
+
[source,yaml]
----
apiVersion: v1
kind: Service
metadata:
  name: my-web-app
spec:
  type: LoadBalancer
  selector:
    app: my-web-app
  ports:
  - port: 80
    targetPort: 8080
----

. Define an `Ingress` resource to manage HTTP/HTTPS traffic and route it to your service.
+
[source,yaml]
----
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-web-app-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
spec:
  rules:
  - host: mywebapp.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-web-app
            port:
              number: 80
----

. Configure TLS for your ingress to ensure secured, encrypted connections.
+
[source,yaml]
----
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-web-app-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
spec:
  tls:
  - hosts:
    - mywebapp.example.com
    secretName: my-tls-secret
  rules:
  - host: mywebapp.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-web-app
            port:
              number: 80
----