Deploy ingress controller
Ingress handles network traffic entering the cluster from the outside, and the Ingress Controller exposes HTTP and HTTPS routes to the internal services from external sources based on the rules defined in the Ingress resource. For more details on Ingress, refer to the Kubernetes official documentation. The following describes how to configure and deploy the ingress controller in a cluster.
This guide provides an example of deploying an ingress controller, but the Kubernetes Engine service does not support ingress controllers. The selection, deployment, and operation of an ingress controller is at the user's discretion.
Step 1. Prerequisites
The following prerequisites are required to set up and deploy the ingress controller:
-
Create a cluster where the ingress controller will be deployed.
-
Set up kubectl control configuration to issue ingress controller deployment commands to the created cluster.
Step 2. Deploy ingress controller
Deploy an open-source Nginx-based ingress controller.
Currently, Kubernetes Engine does not support Admission Webhook. To deploy a service with Admission Webhook enabled, you must set hostNetwork: true.
Deploy ingress controller using YAML file
Enter the following command in the terminal to deploy ingress-nginx to the cluster. Resources like the namespace and service for ingress-nginx will be deployed together. This example is a custom file with hostNetwork: true set in the Deployment specification.
kubectl --kubeconfig=$KUBE_CONFIG apply -f https://raw.githubusercontent.com/kakaoicloud-guide/kubernetes-engine/main/guide-samples/settingIC/ingress-nginx/controller-v1.3.1/deploy.yml
Deploy ingress controller using Helm
Deploy the ingress controller using Helm, the Kubernetes package management tool.
-
Before installing the ingress controller, install the Helm client. For detailed instructions on installing Helm for different operating systems, refer to the Helm official documentation > Installing Helm.
-
Run the following command to add the official ingress-controller Helm chart repository.
Add Helm chart repository command$ helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
"ingress-nginx" has been added to your repositories
$ helm repo update
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "ingress-nginx" chart repository
Update Complete. ⎈Happy Helming!⎈ -
Enter the following command in the terminal to deploy ingress-nginx to the cluster. Resources like the namespace and service for ingress-nginx will be deployed together.
- This ingress controller example file includes a custom configuration with
hostNetwork: trueset in theDeploymentspecification.
Custom example with hostNetwork: true set$ helm install ingress-nginx ingress-nginx/ingress-nginx \
--version 4.2.5 \
--set controller.hostNetwork=true \
--namespace ingress-nginx --create-namespace
NAME: ingress-nginx
LAST DEPLOYED: Tue Mar 14 06:51:47 2023
NAMESPACE: ingress-nginx
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The ingress-nginx controller has been installed.
It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status by running 'kubectl --namespace ingress-nginx get services -o wide -w ingress-nginx-controller' - This ingress controller example file includes a custom configuration with
Step 3. Verify ingress controller deployment
-
To verify that the ingress controller has been successfully deployed, enter the following command in the terminal and observe the status of the pod. Ensure that the ingress-controller pod is running correctly.
- If the ingress-controller pod is running, press Ctrl+C to stop the command.
Verify if pod is working normallykubectl --kubeconfig=$KUBE_CONFIG get pods -n ingress-nginx \
-l app.kubernetes.io/name=ingress-nginx --watchResultNAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create-r7v2q 0/1 Completed 0 30s
ingress-nginx-admission-patch-v7dmf 0/1 Completed 1 30s
ingress-nginx-controller-74fd5565fb-6gv9g 1/1 Running 0 30s -
생성된 ingress-controller 리소스를 확인합니다.
Step 4. Check ingress controller endpoint
When deploying the ingress controller YAML, a load balancer is created for the ingress controller service. You can open the ingress service through the IP of the created load balancer.
-
Run the following command to check the ingress-nginx service.
Check ingress-nginx servicekubectl --kubeconfig=$KUBE_CONFIG get svc -n ingress-nginx -
In the execution result, check the
EXTERNAL-IPof the ingress-nginx-controller. ThisEXTERNAL-IPwill serve as the endpoint for services opened by creating anIngressobject.-
In the example below, the
EXTERNAL-IPis 10.187.5.42.ResultNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.109.189.56 10.187.5.42 80:30391/TCP,443:30000/TCP 86s
ingress-nginx-controller-admission ClusterIP 10.99.111.97 <none> 443/TCP 86s
-
Configure public IP for load balancer created by ingress controller
-
If external communication is required for the load balancer created by deploying the ingress controller, you can configure whether to use a public IP for the load balancer.
- Run the following command to check the load balancer type service created by the ingress controller deployment.
Check load balancer type servicekubectl --kubeconfig=$KUBE_CONFIG get svc -n ingress-nginx ingress-nginx-controller -
To configure the use of a public IP for the load balancer, set the
service.beta.kubernetes.io/openstack-internal-load-balancervalue under the metadata.annotations of the load balancer type Service object.- To create a load balancer with a private IP, set the value to
true(default). - To create a load balancer with a public IP, set the value to
false.
- To create a load balancer with a private IP, set the value to
For more details on load balancer options, refer to Appendix. Configure detailed load balancer options.
- Depending on the
service.beta.kubernetes.io/openstack-internal-load-balancersetting, the load balancer’s public IP will either create and connect a new public IP or disconnect the public IP. If the value is set to false and the load balancer was using a public IP, changing the value to true later will still result in the public IP being disconnected, and it will be subject to public IP billing. - To delete the public IP used by the Kubernetes Engine load balancer, go to the Public IP menu under the VPC section in the KakaoCloud Console. For more details, refer to Create and manage public IP.