NGINX Kubernetes Ingress Controller | Deployment (GKE)¶
Clone the official NGINX repo and change your working directory to
kubernetes-ingress. Everything we need to build and deploy NGINX+ as KIC is in this repo.git clone -b 'v1.12.0' --single-branch https://github.com/nginxinc/kubernetes-ingress cd kubernetes-ingress
Copy your NGINX+ license key and certificate to the kubernetes-ingress directory. You can copy and paste by dragging and dropping into VS Code editor.
nginx-repo.key
nginx-repo.crt
Confirm both files exist in the kubernetes-ingress directory:
ls nginx-repo*Build and push the NGINX Plus Docker image to the Artifact Registry repo.
From the GCP Console, in the search bar at the top, look for Artifact Registry. Click on your repo. Copy the complete path to the Artifact Registry repo. For example:
us-east4-docker.pkg.dev/f5-gcs-4261-sales-na-ne/marfil-my-repo. Save this text to your notes.
Build the
nginx-plus-ingressDocker image.Note
Replace the repo path in the examples below, with your own repo path from the previous step.
make debian-image-plus PREFIX=us-east4-docker.pkg.dev/f5-gcs-4261-sales-na-ne/marfil-my-repo/nginx-plus-ingress TARGET=container
Once done. Combine the full path to your image and tag like this:
docker images | grep nginx-plus-ingress
For example, the output below:
us-east4-docker.pkg.dev/f5-gcs-4261-sales-na-ne/marfil-my-repo/nginx-plus-ingress 1.12.0-SNAPSHOT-c9d3618 1cc1b47cf228 12 seconds ago 131MBWould become:
us-east4-docker.pkg.dev/f5-gcs-4261-sales-na-ne/marfil-my-repo/nginx-plus-ingress:1.12.0-SNAPSHOT-c9d3618Finally, push the image to your Artifact Registry repo:
docker push us-east4-docker.pkg.dev/f5-gcs-4261-sales-na-ne/marfil-my-repo/nginx-plus-ingress:1.12.0-SNAPSHOT-c9d3618
From the GCP console, you should see the new image in your Artifact Registry repo.
Deploy
nginx-plus-ingressto your GKE cluster.Change your working directory to
deployments:cd deployments
You need to make two edits to the
deployment/nginx-plus-ingress.yamlmanifest. From the VS Code Explorer menu to the left of the code editor, double-click ondeployment/nginx-plus-ingress.yamlto open in the VS Code editor. Alternatively, you can edit the file from your terminal with any popular text editor such asvimornano.Change the
imageparameter to reference the nginx-plus-ingress image in our repo.Add
argsto enable the NGINX Plus statistics dashboard.
- -nginx-status-allow-cidrs=0.0.0.0/0
Save your changes.
To deploy nginx-plus-ingress, you can apply multiple yaml manifest with a single command.
Copy and paste the code block below to the VS Code terminal.
kubectl apply \ -f common/ns-and-sa.yaml \ -f rbac/rbac.yaml \ -f rbac/ap-rbac.yaml \ -f common/default-server-secret.yaml \ -f common/nginx-config.yaml \ -f common/ingress-class.yaml \ -f common/crds/k8s.nginx.org_virtualservers.yaml \ -f common/crds/k8s.nginx.org_virtualserverroutes.yaml \ -f common/crds/k8s.nginx.org_transportservers.yaml \ -f common/crds/k8s.nginx.org_policies.yaml \ -f common/crds/k8s.nginx.org_globalconfigurations.yaml \ -f service/loadbalancer.yaml \ -f deployment/nginx-plus-ingress.yaml
The
service/loadbalancer.yamlmanifest has created a load balancer service for our NGINX Ingress. This maps all HTTP and HTTPS traffic coming in to the load-balancer’s public IP address to one or more NGINX Ingresses:kubectl get svc -n nginx-ingress
Let’s create a second load balancer service to the NGINX Plus deployment running the stats dashboard on TCP port 8080.
cat << EOF | kubectl apply -f - apiVersion: v1 kind: Service metadata: name: dashboard-nginx-ingress namespace: nginx-ingress spec: type: LoadBalancer ports: - port: 80 targetPort: 8080 protocol: TCP name: http selector: app: nginx-ingress EOF
Confirm both
nginx-ingressanddashboard-nginx-ingressservices are running.kubectl get svc -n nginx-ingress
Both the
nginx-ingressanddashboard-nginx-ingressservices should be accessible from any browser. Test both.nginx-ingress:
Note
The nginx-ingress service will reply with 404 Not Found. This is expected at this point in the lab: after the nginx deployment is running but before the ingress has been configured.
dashboard-nginx-ingress:
Let’s make the
EXTERNAL-IPaddresses resolvable via DNS on our lab machines and create some useful environment variables.Note
Continue to check periodically until EXTERNAL-IP’s are no longer <pending>.
kubectl get svc -n nginx-ingress
Note
Do not run the commands below until _after_ EXTERNAL-IP’s have been assigned.
From the VS Code terminal:
export nginx_ingress=arcadia.local export dashboard_nginx_ingress=stats.arcadia.local export ip_dashboard_nginx_ingress=$(kubectl get svc dashboard-nginx-ingress --namespace=nginx-ingress | tr -s " " | cut -d' ' -f4 | grep -v "EXTERNAL-IP") export ip_nginx_ingress=$(kubectl get svc nginx-ingress --namespace=nginx-ingress | tr -s " " | cut -d' ' -f4 | grep -v "EXTERNAL-IP") printenv | grep nginx
We can make the load balancer services’ public IP addresses resolvable locally by mapping names to IP addresses in our local hosts file.
Backup your hosts file.
sudo cp /etc/hosts /etc/hosts.bak.$(date '+%s')
Append host entries to your
/etc/hostsfile for botharcadia.localandstats.arcadia.local.sudo bash -c "echo '${ip_dashboard_nginx_ingress} stats.arcadia.local' >> /etc/hosts" sudo bash -c "echo '${ip_nginx_ingress} arcadia.local' >> /etc/hosts"
Confirm changes (last two lines were appended).
cat /etc/hostsNow, append local hosts file entries on your computer–This must be a computer with a modern browser installed.
Note
The hosts file location varies by Operating System.
On Linux and MacOS the file is located at:
/etc/hostsOn Windows the file is located at:
C:\Windows\System32\drivers\etc\hosts
With your browser, hit the (unconfigured) nginx-ingress service:
With your browser hit the dashboard-nginx-ingress service:
http://stats.arcadia.local/dashboard.html
Proceed to Arcadia Application | Deployment (GKE)