Sys Articles

Articles about storage, backup, virtualization, technology, innovation, programming, leadership, management,... etc

Sys Articles

Articles about storage, backup, virtualization, technology, innovation, programming, leadership, management,... etc

How do I configure Kubernetes ingress controllers?

By Ali YAZICIPosted on Posted in CloudTagged , , , , , No Comments on How do I configure Kubernetes ingress controllers?

Configuring Kubernetes Ingress Controllers involves several steps, including deploying the Ingress Controller, configuring the Ingress resource, and setting up DNS and certificates for secure communication. Below is a detailed guide to help you configure Kubernetes Ingress Controllers:

1. Choose an Ingress Controller

Kubernetes doesn’t ship with a default Ingress Controller. You must deploy one that fits your requirements. Popular choices include:
NGINX Ingress Controller
Traefik
HAProxy
Istio Gateway (if using Istio)
AWS ALB Ingress Controller (for AWS environments)
GCP Ingress Controller (for GCP environments)

2. Deploy the Ingress Controller

Ingress Controllers are usually deployed using Helm or Kubernetes manifests.

NGINX Example (via Helm):

“`bash
helm repo add nginx-stable https://helm.nginx.com/stable
helm repo update

helm install my-nginx-ingress nginx-stable/nginx-ingress \
–namespace ingress-nginx \
–create-namespace
“`

NGINX Example (via YAML):

Apply the official NGINX Ingress Controller manifest:
bash
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/cloud/deploy.yaml

3. Verify Deployment

Ensure the Ingress Controller is running:
bash
kubectl get pods -n ingress-nginx
kubectl get svc -n ingress-nginx
Check for a LoadBalancer or NodePort service that routes traffic to the Ingress Controller.

4. Create an Ingress Resource

An Ingress resource defines routing rules to expose your application. For example:

yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: my-service
port:
number: 80

  • host: Specifies the domain that maps to the service.
  • path: Defines the URL path to route traffic.
  • backend: Points to the service name and port.

Apply the resource:
bash
kubectl apply -f example-ingress.yaml

5. Set Up DNS

Point your domain name (e.g., example.com) to the external IP address of the Ingress Controller’s LoadBalancer service. This is typically done in your DNS provider’s settings.

6. Configure TLS

To enable HTTPS, you need an SSL certificate. Use tools like Cert-Manager to issue and manage certificates automatically.

Install Cert-Manager (via Helm):

bash
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--set installCRDs=true

Request a TLS Certificate:

Create a ClusterIssuer for Let’s Encrypt:
yaml
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: your-email@example.com
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- http01:
ingress:
class: nginx

Apply the manifest:
bash
kubectl apply -f cluster-issuer.yaml

Create an Ingress with TLS:
yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: tls-example-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
tls:
- hosts:
- example.com
secretName: example-tls
rules:
- host: example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: my-service
port:
number: 80

7. Test the Setup

  • Verify DNS resolution:
    bash
    nslookup example.com
  • Access the domain in your browser or use curl:
    bash
    curl -k https://example.com

8. Monitor and Debug

  • Check Ingress Controller logs:
    bash
    kubectl logs -n ingress-nginx -l app.kubernetes.io/name=ingress-nginx
  • Inspect Ingress resource:
    bash
    kubectl describe ingress example-ingress

9. Advanced Configuration

Depending on your Ingress Controller, you can add annotations for:
URL rewrites: nginx.ingress.kubernetes.io/rewrite-target
Whitelist source IPs: nginx.ingress.kubernetes.io/whitelist-source-range
Rate limiting: nginx.ingress.kubernetes.io/limit-rpm
Custom error pages: nginx.ingress.kubernetes.io/custom-http-errors

Refer to the Ingress Controller documentation for additional features.

By following these steps, you will have a functioning Kubernetes Ingress Controller configured to route external traffic to your cluster services. Let me know if you need help with any specific step!

How do I configure Kubernetes ingress controllers?

Related Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to top