- Mandatory commands
- Install without RBAC roles
- Install with RBAC roles
- Custom Provider
- Using Helm
- Verify installation
- Detect installed version
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/namespace.yaml \
| kubectl apply -f -
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/default-backend.yaml \
| kubectl apply -f -
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/configmap.yaml \
| kubectl apply -f -
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/tcp-services-configmap.yaml \
| kubectl apply -f -
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/udp-services-configmap.yaml \
| kubectl apply -f -curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/without-rbac.yaml \
| kubectl apply -f -Please check the RBAC document.
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/rbac.yaml \
| kubectl apply -f -
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/with-rbac.yaml \
| kubectl apply -f -There are cloud provider specific yaml files
minikube addons enable ingressIn AWS we use an Elastic Load Balancer (ELB) to expose the NGINX Ingress controller behind a Service of Type=LoadBalancer.
This setup requires to choose in wich layer (L4 or L7) we want to configure the ELB:
- Layer 4: use TCP as the listener protocol for ports 80 and 443.
- Layer 7: use HTTP as the listener protocol for port 80 and terminate TLS in the ELB
For L4:
kubectl apply -f provider/aws/service-l4.yaml
kubectl apply -f provider/aws/patch-configmap-l4.yamlFor L7:
Change line of the file provider/aws/service-l7.yaml replacing the dummy id with a valid one "arn:aws:acm:us-west-2:XXXXXXXX:certificate/XXXXXX-XXXXXXX-XXXXXXX-XXXXXXXX"
Then execute:
kubectl apply -f provider/aws/service-l7.yaml
kubectl apply -f provider/aws/patch-configmap-l7.yamlThis example creates an ELB with just two listeners, one in port 80 and another in port 443
If the ingress controller uses RBAC run:
kubectl apply -f provider/patch-service-with-rbac.yamlIf not run:
kubectl apply -f provider/patch-service-without-rbac.yamlcurl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/provider/gce-gke/service.yaml \
| kubectl apply -f -If the ingress controller uses RBAC run:
kubectl apply -f provider/patch-service-with-rbac.yamlIf not run:
kubectl apply -f provider/patch-service-without-rbac.yamlImportant Note: proxy protocol is not supported in GCE/GKE
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/provider/azure/service.yaml \
| kubectl apply -f -If the ingress controller uses RBAC run:
kubectl apply -f provider/patch-service-with-rbac.yamlIf not run:
kubectl apply -f provider/patch-service-without-rbac.yamlImportant Note: proxy protocol is not supported in GCE/GKE
Using NodePort:
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/provider/baremetal/service-nodeport.yaml \
| kubectl apply -f -NGINX Ingress controller can be installed via Helm using the chart stable/nginx from the official charts repository.
To install the chart with the release name my-nginx:
helm install stable/nginx-ingress --name my-nginxTo check if the ingress controller pods have started, run the following command:
kubectl get pods --all-namespaces -l app=ingress-nginx --watchOnce the operator pods are running, you can cancel the above command by typing Ctrl+C.
Now, you are ready to create your first ingress.
To detect which version of the ingress controller is running, exec into the pod and run nginx-ingress-controller version command.
POD_NAMESPACE=ingress-nginx
POD_NAME=$(kubectl get pods -n $POD_NAMESPACE -l app=ingress-nginx -o jsonpath={.items[0].metadata.name})
kubectl exec -it $POD_NAME -n $POD_NAMESPACE /nginx-ingress-controller version