Nginx-ingress-with-k8-cluster
Nginx Ingress with kubernetes cluster
This document provides a step-by-step guide to configure Nginx Ingress with a Kubernetes cluster.
Prerequisites
- A Kubernetes cluster above version 1.20, set up with your connection configuration configured as the kubectl default. This setup will use a Utho Kubernetes cluster.
- The
kubectlcommand-line tool installed in your local environment and configured to connect to your cluster. For more information, see the official documentation. If you are using a Utho Kubernetes cluster, refer to the Connect to your Cluster section when you create your cluster. - The
Helmpackage manager available in your development environment official documentation. - A fully registered domain name with available A records. This tutorial will use
hw1.your_domainthroughout. You can purchase a domain name on Namecheap, get one for free on Freenom, or use the domain registrar of your choice. These A records will be directed to a Load Balancer that you will create in Step 2.
Step 1 — Setting Up Hello World Deployments
Before you deploy the Nginx Ingress, you will deploy a “Hello World” app called hello-kubernetes to have some Services to which you’ll route the traffic. To confirm that the Nginx Ingress works properly in the next steps, you’ll deploy it twice, each time with a different welcome message that will be shown when you access it from your browser.
First Deployment
Create the first deployment configuration file:
nano hello-kubernetes-first.yamlAdd the following configuration:
apiVersion: v1
kind: Service
metadata:
name: hello-kubernetes-first
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 8080
selector:
app: hello-kubernetes-first
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-kubernetes-first
spec:
replicas: 3
selector:
matchLabels:
app: hello-kubernetes-first
template:
metadata:
labels:
app: hello-kubernetes-first
spec:
containers:
- name: hello-kubernetes
image: paulbouwer/hello-kubernetes:1.10
ports:
- containerPort: 8080
env:
- name: MESSAGE
value: Hello from the first deployment!Apply the configuration:
kubectl create -f hello-kubernetes-first.yamlVerify the Service:
kubectl get service hello-kubernetes-firstSecond Deployment
Create the second deployment configuration file:
nano hello-kubernetes-second.yamlAdd the following configuration:
apiVersion: v1
kind: Service
metadata:
name: hello-kubernetes-second
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 8080
selector:
app: hello-kubernetes-second
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-kubernetes-second
spec:
replicas: 3
selector:
matchLabels:
app: hello-kubernetes-second
template:
metadata:
labels:
app: hello-kubernetes-second
spec:
containers:
- name: hello-kubernetes
image: paulbouwer/hello-kubernetes:1.10
ports:
- containerPort: 8080
env:
- name: MESSAGE
value: Hello from the second deployment!Apply the configuration:
kubectl create -f hello-kubernetes-second.yamlVerify the Services:
kubectl get serviceBoth hello-kubernetes-first and hello-kubernetes-second should now be up and running.
Step 2 — Installing the Kubernetes Nginx Ingress Controller
Add the Nginx Ingress Helm repository:
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo updateInstall the Nginx Ingress Controller:
helm install nginx-ingress ingress-nginx/ingress-nginx --set controller.publishService.enabled=trueVerify the Load Balancer creation:
kubectl --namespace default get services -o wide -w nginx-ingress-ingress-nginx-controllerStep 3 — Exposing the App Using an Ingress
Create the Ingress Resource file:
nano hello-kubernetes-ingress.yamlAdd the following configuration: done’t forget to add your domains
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: hello-kubernetes-ingress
spec:
ingressClassName: nginx
rules:
- host: "hw1.your-domain-name.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: hello-kubernetes-first
port:
number: 80
- host: "hw2.your-domain-name.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: hello-kubernetes-second
port:
number: 80Apply the configuration:
kubectl apply -f hello-kubernetes-ingress.yamlVerify that accessing your domains works.
Step 4 — Securing the Ingress Using Cert-Manager
Create a namespace for Cert-Manager:
kubectl create namespace cert-managerAdd the Jetstack Helm repository:
helm repo add jetstack https://charts.jetstack.io
helm repo updateInstall Cert-Manager:
helm install cert-manager jetstack/cert-manager --namespace cert-manager --version v1.10.1 --set installCRDs=trueCreate the production ClusterIssuer:
nano production_issuer.yamlAdd the following configuration: done’t forget to add your email
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
email: your_email_address
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: letsencrypt-prod-private-key
solvers:
- http01:
ingress:
class: nginxApply the configuration: done’t forget to add your domains
kubectl apply -f production_issuer.yamlUpdate your Ingress to use TLS:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
...
spec:
tls:
- hosts:
- hw1.your-domain-name.com
- hw2.your-domain-name.com
secretName: hello-kubernetes-tlsApply the updated Ingress configuration:
kubectl apply -f hello-kubernetes-ingress.yamlConclusion
You have successfully set up the Nginx Ingress Controller and Cert-Manager on your Kubernetes cluster using Helm. Your applications are now accessible via your domains and secured with free TLS certificates from Let’s Encrypt.