Deploy ingress controller
Ingress handles traffic entering the cluster from the outside.
An ingress controller exposes HTTP and HTTPS routes from outside the cluster to internal services based on the rules defined in ingress resources.
For more information, refer to the Kubernetes official documentation.
Below is how to configure and deploy an ingress controller in a cluster.
This guide provides an example of deploying an ingress controller. Kubernetes Engine does not include native support for ingress controllers. Selection, deployment, and maintenance of the ingress controller is at the discretion of the user.
Step 1. Prerequisites
Before deploying the ingress controller, complete the following prerequisites:
-
Create a cluster where the ingress controller will be deployed.
-
Configure kubectl control to manage the cluster.
Step 2. Deploy ingress controller
Deploy an open-source Nginx-based ingress controller.
Kubernetes Engine currently does not support Admission Webhooks.
To deploy a service with Admission Webhook enabled, set hostNetwork: true
.
Deploy ingress controller using YAML file
Run the following command to deploy ingress-nginx
to your cluster.
This custom example includes hostNetwork: true
in the Deployment
spec.
kubectl --kubeconfig=$KUBE_CONFIG apply -f https://raw.githubusercontent.com/kakaoenterprise/kakaocloud-tutorials/refs/heads/k8se-public-guides/controller-v1.12.1/deploy.yaml
Deploy ingress controller using Helm
Use Helm, the Kubernetes package manager, to deploy the ingress controller.
-
Install the Helm client.
See Install Helm for OS-specific instructions. -
Add the official ingress-nginx Helm chart repository:
Add Helm chart repositoryhelm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
Output"ingress-nginx" has been added to your repositories
Update chart repositoryhelm repo update
-
Deploy the ingress controller with
hostNetwork: true
:Install ingress-nginxhelm install ingress-nginx ingress-nginx/ingress-nginx \
--set controller.hostNetwork=true \
--namespace ingress-nginx --create-namespaceIf already installedhelm upgrade \
--set controller.hostNetwork=true \
--namespace ingress-nginx \
ingress-nginx \
ingress-nginx/ingress-nginxOutputNAME: ingress-nginx
STATUS: deployed
NOTES:
The ingress-nginx controller has been installed.
You can watch the status by running:
kubectl --namespace ingress-nginx get services -o wide -w ingress-nginx-controller
Step 3. Verify ingress controller deployment
-
Verify that the ingress controller pod is running:
Check ingress controller pod statuskubectl --kubeconfig=$KUBE_CONFIG get pods -n ingress-nginx \
-l app.kubernetes.io/name=ingress-nginx --watchExpected outputNAME READY STATUS RESTARTS AGE
ingress-nginx-controller-xxxxx 1/1 Running 0 30s -
Confirm that the ingress controller resources were created.
Step 4. Check ingress controller endpoint
When the ingress controller YAML is deployed, a LoadBalancer service is also created.
The IP of this load balancer is used as the public endpoint for your ingress services.
-
Check the ingress-nginx service:
Check ingress-nginx servicekubectl --kubeconfig=$KUBE_CONFIG get svc -n ingress-nginx
-
Find the
EXTERNAL-IP
of theingress-nginx-controller
.
This becomes the endpoint for services exposed through the ingress.Example outputNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.109.189.56 10.187.5.42 80:30391/TCP,443:30000/TCP 86s
Configure public IP for ingress controller's load balancer
If you need external access, configure public IP usage for the ingress controller's load balancer:
-
Check the load balancer service type:
Check load balancer type servicekubectl --kubeconfig=$KUBE_CONFIG get svc -n ingress-nginx ingress-nginx-controller
-
Set the value of
service.beta.kubernetes.io/openstack-internal-load-balancer
undermetadata.annotations
:true
(default): use private IPfalse
: use public IP
For more details on load balancer options, see Load balancer creation and deletion > Appendix: Configure detailed load balancer options.
- Changing
service.beta.kubernetes.io/openstack-internal-load-balancer
can cause a new public IP to be attached or an existing one to be detached.
If a public IP was previously used and this value is changed totrue
, the IP is detached but still billed. - To delete a public IP used by the Kubernetes Engine load balancer, go to KakaoCloud Console > VPC > Public IP.
For details, refer to Create and manage public IP.