-
Overview
-
Practical sheets
-
-
-
-
-
-
-
- Backup : Agent-Level B&R via NSS for IAAS offer
- Backup : Create VCOD Backup
- Backup : Netbackup Agent Installation for Linux
- Backup : Netbackup Agent Installation for Windows
- Backup : Overall Design for VCOD Offer
- Backup : User's Guide for VCOD Offer
- NSX-T : Configuring a Distributed Firewall [FR]
- NSX-T : Create a VPN Ipsec
- NSX-T : Creation of T1
- NSX-T : DNAT configuration
- NSX-T : How to configure a Gateway Firewall
- NSX-T : SNAT configuration
- NSX-T: Create and Configure a Geneve Overlay Segment [FR]
- NSX-T: How to configure an IPSEC solution
- vCenter : Clone a VM [FR]
- VCenter : Create a new VM
- VCenter : Create a snapshot of a VM
- VCenter : Reset cloudadmin password
- VCenter : Storage Vmotion on a VM
- VCenter : Upgrade Vmware tools on a VM
- Show all articles (5) Collapse Articles
-
-
Q & A
-
Services
- Backup
- Bare metal server
- Block Storage [FR]
- BVPN access
- Certifications [FR]
- Cross Connect [FR]
- Dedicated Cluster
- DRaaS with VCDA
- Dual Site [FR]
- HA Dual-Room
- Internet access
- Kubernetes [FR]
- Licenses
- LoadBalancer As A Service
- Network
- Network Storage
- Object storage
- QoS Appliance
- Security
- Support and Coaching
- Tools [FR]
- VCenter On Demand
- VM Replication [FR]
- Show all articles (8) Collapse Articles
Install the Nginx Ingress Controller
Introduction
This practical sheet provides a step by step procedure to install Nginx as Ingress Controller on workload clusters.
It is given as an example about how to use an Ingress Controller, but others Ingress Controller can be used. It is just for information and to help starting using an Ingress Controller.
To know more about Ingress Controller :
Kubernetes : Ingress Controller
KaaS Standard#ingress_controller
Please note !
This practical sheets is given as information only, Nginx is not mandatory at all, you are free to install any other Ingress Controler on your clusters. No support can be provided on Nginx.
Prerequisites
Before deploying Nginx on the workload cluster, some prerequisite has to be installed either on the admin workstation
On the admin station
Install the Helm tool, using this page
On the cluster
Configure the vipSubnet to use
It is required to configure the vipSubnet to use for the load balancer.
Please follow the steps provided in this page : HERE
Add Nginx Helm repository
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
Install Nginx as Ingress Controller
Please note !
We recommend disabling the usage of the option controller.service.appProtocol to utilize a basic L4 load balancer instead of an L7 load balancer in vCloud Director. By doing so, the traffic will be forwarded to your ingress controller, allowing you to manage certificates using your ingress controller, for example.
helm install --set controller.service.appProtocol=false ingress-nginx ingress-nginx/ingress-nginx
Ingress controller sample usage
To test our Ingress Controller we will deploy two pods. One POD that will display a webpage with the text apple, and another POD that will display a webpage with the text banana.
Depending of the host url used to access the service the Ingress Controller will use the correct POD to give the answer to the web client.
This implementation require only one IP address that are accessible outside the cluster (Nginx IP), it correspond to the service (type LoadBalancer) that has been created during the Nginx installation process.
Please note !
For our demo we will use a public and free DNS service called nip.io. It will help and simplify our demo regarding the DNS resolution, but it is not mandatory at all, you can rely on your classical DNS resolution system.
nip.io will resolve the names by answering the IP provided in the name.
Example for :
banana.100.10.12.2.nip.ip will return the ip : 100.100.12.2
apple.100.10.12.2.nip.ip will return the ip : 100.100.12.2
PODs creation
First we need to define our PODS and services, for that, launch these two commands :
apple app
cat <<EOF | kubectl create -f -
kind: Pod
apiVersion: v1
metadata:
name: apple-app
labels:
app: apple
spec:
containers:
- name: apple-app
image: hashicorp/http-echo
args:
- "-text=apple"
---
kind: Service
apiVersion: v1
metadata:
name: apple-service
spec:
selector:
app: apple
ports:
- port: 5678 # Default port for image
EOF
banana app
cat <<EOF | kubectl create -f -
kind: Pod
apiVersion: v1
metadata:
name: banana-app
labels:
app: banana
spec:
containers:
- name: banana-app
image: hashicorp/http-echo
args:
- "-text=banana"
---
kind: Service
apiVersion: v1
metadata:
name: banana-service
spec:
selector:
app: banana
ports:
- port: 5678 # Default port for image
EOF
Verify that pods status are RUNNING after some times
kubectl get pods banana
kubectl get pods apple
Ingress Deployment
Get the ingress controller service IP. For that use the EXTERNAL-IP value, note the IP it will be required for next step.
Please note !
if you just installed Nginx ingress Controller recently the EXTERNAL-IP address can take some minutes to be affected to your Load Balancer. You can control in vCloud Director that you have enough Virtual Service available in your Edge Gateway
kubectl get svc ingress-nginx-controller
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 100.65.85.121 10.x.y.z 80:30536/TCP,443:32691/TCP 14m
Launch the following command to create Ingress objects :
- replace the [IP] in the host parameter by the external-ip retrieved with the above command
- you can also use your own dns extension instead of nip.io, but for test purpose it will be more easier to use nip.io.
cat <<EOF | kubectl create -f -
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: apple-ingress
annotations:
ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- host: apple.[ip].nip.io
http:
paths:
- path: /
pathType: Prefix
backend:
service:
port:
number: 5678
name: apple-service
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: banana-ingress
annotations:
ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- host: banana.[ip].nip.io
http:
paths:
- path: /
pathType: Prefix
backend:
service:
port:
number: 5678
name: banana-service
EOF
Verify the status of the ingress
kubectl get ingress
Test the web page access
Open a web browser that can access to your Ingress Controller IP and try the both ingress URL.
- http://banana.[IP].nip.io (replace the [IP] with the exernal ip)
- http://apple.[IP].nip.io (replace the [IP] with the exernal ip)
Additional test usage
It is also possible to use a same url and redirect the flow depending of the path in the url.
For example :
- http://myapp.[IP].nip.io/apple will use the POD apple
- http://myapp.[IP].nip.io/banana will use the POD banana
The sample yaml file to use for this kind of ingerss is :
cat <<EOF | kubectl create -f -
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: apple-ingress
annotations:
ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- host: apple.[ip].nip.io
http:
paths:
- path: /
pathType: Prefix
backend:
service:
port:
number: 5678
name: apple-service
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: banana-ingress
annotations:
ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- host: banana.[ip].nip.io
http:
paths:
- path: /
pathType: Prefix
backend:
service:
port:
number: 5678
name: banana-service
EOF