Skip to content
Community

logo

Ingress-nginx#

The NGINX Ingress Controller is a solution for managing external access to applications running in a Kubernetes cluster. It acts as a reverse proxy and load balancer, routing traffic from outside the cluster to the appropriate services within. K0rdent, as a multi-cluster Kubernetes management platform, seamlessly integrates with the NGINX Ingress Controller to provide a unified solution for managing ingress across all your clusters. Here's how this integration works:

  • Simplified Deployment: K0rdent can automate the deployment and configuration of the NGINX Ingress Controller across your clusters, eliminating manual setup and ensuring consistency.
  • Centralized Management: Manage Ingress resources and configurations for all your clusters from the K0rdent control plane, providing a single point of control.
  • Policy-Driven Ingress: Leverage K0rdent's policy engine to enforce security and compliance policies for your Ingress configurations, ensuring consistency and best practices.
  • Monitoring and Observability: K0rdent integrates with monitoring tools to provide insights into the performance and health of your NGINX Ingress Controllers and the applications they expose


Looking for Commercial Support? LEARN MORE

Prerequisites#

Deploy k0rdent v1.5.0: QuickStart

Install template to k0rdent#

helm upgrade --install ingress-nginx oci://ghcr.io/k0rdent/catalog/charts/kgst --set "chart=ingress-nginx:4.13.0" -n kcm-system

Verify service template#

kubectl get servicetemplates -A
# NAMESPACE    NAME                            VALID
# kcm-system   ingress-nginx-4-13-0            true

Deploy service template#

apiVersion: k0rdent.mirantis.com/v1beta1
kind: MultiClusterService
metadata:
  name: ingress-nginx
spec:
  clusterSelector:
    matchLabels:
      group: demo
  serviceSpec:
    services:
    - template: ingress-nginx-4-13-0
      name: ingress-nginx
      namespace: ingress-nginx
      values: |
        ingress-nginx:
          controller:
            service:
              annotations:
                service.beta.kubernetes.io/azure-load-balancer-health-probe-request-path: /healthz
            hostPort:
              enabled: true

Prerequisites#

Deploy k0rdent v1.5.0: QuickStart

Install template to k0rdent#

helm upgrade --install ingress-nginx oci://ghcr.io/k0rdent/catalog/charts/kgst --set "chart=ingress-nginx:4.13.0" -n kcm-system
helm upgrade --install kubernetes-dashboard oci://ghcr.io/k0rdent/catalog/charts/kgst --set "chart=kubernetes-dashboard:7.10.4" -n kcm-system

Verify service template#

kubectl get servicetemplates -A
# NAMESPACE    NAME                            VALID
# kcm-system   ingress-nginx-4-13-0            true
# kcm-system   kubernetes-dashboard-7-10-4     true

Deploy service template#

apiVersion: k0rdent.mirantis.com/v1beta1
kind: MultiClusterService
metadata:
  name: kubernetes-dashboard
spec:
  clusterSelector:
    matchLabels:
      group: demo
  serviceSpec:
    services:
    - template: ingress-nginx-4-13-0
      name: ingress-nginx
      namespace: kubernetes-dashboard
      values: |
        ingress-nginx:
          controller:
            service:
              annotations:
                service.beta.kubernetes.io/azure-load-balancer-health-probe-request-path: /healthz
            hostPort:
              enabled: true
    - template: kubernetes-dashboard-7-10-4
      name: kubernetes-dashboard
      namespace: kubernetes-dashboard
      values: |
        kubernetes-dashboard:
          app:
            ingress:
              enabled: true
              ingressClassName: nginx
              pathType: Prefix
              hosts: ['k8s-dashboard.example.com']

Install template to k0rdent#

helm upgrade --install ingress-nginx oci://ghcr.io/k0rdent/catalog/charts/kgst --set "chart=ingress-nginx:4.13.0" -n kcm-system
helm upgrade --install headlamp oci://ghcr.io/k0rdent/catalog/charts/kgst --set "chart=headlamp:0.32.1" -n kcm-system

Verify service template#

kubectl get servicetemplates -A
# NAMESPACE    NAME                            VALID
# kcm-system   ingress-nginx-4-13-0            true
# kcm-system   headlamp-0-32-1                 true

Deploy service template#

apiVersion: k0rdent.mirantis.com/v1beta1
kind: MultiClusterService
metadata:
  name: headlamp
spec:
  clusterSelector:
    matchLabels:
      group: demo
  serviceSpec:
    services:
    - template: ingress-nginx-4-13-0
      name: ingress-nginx
      namespace: headlamp
      values: |
        ingress-nginx:
          controller:
            service:
              annotations:
                service.beta.kubernetes.io/azure-load-balancer-health-probe-request-path: /healthz
            hostPort:
              enabled: true
    - template: headlamp-0-32-1
      name: headlamp
      namespace: headlamp
      values: |
        headlamp:
          ingress:
            enabled: true
            ingressClassName: nginx
            hosts:
              - host: headlamp.example.com
                paths:
                  - path: "/"
                    type: Prefix

Create access token in the child cluster: 

apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
    name: headlamp-token
    namespace: headlamp
    annotations:
    kubernetes.io/service-account.name: headlamp
    kubernetes.io/service-account.namespace: headlamp

Get the token and use it to authenticate: 

kubectl get secrets headlamp-token -n headlamp -o jsonpath='{.data.token}' | base64 -d; echo

BACK TO CATALOG