NGINX Ingress Controller ¶

The NGINX Ingress Controller is an Ingress Controller implementation for Kubernetes that uses NGINX as a reverse proxy and load balancer.^[400-devops__06-Kubernetes__k8s-learning__06.ingress__README.md] It operates as a centralized entry point for external HTTP/HTTPS traffic accessing cluster services, managing domain name resolution and routing rules.^[400-devops-06-kubernetes-k8s-ingress-controller-docker-desktop-readme.md, 400-devops__06-Kubernetes__k8s-ingress-controller-docker-desktop__README.md]

Functionality¶

As an API object, the Ingress Controller manages external access to services, typically via HTTP, providing capabilities such as load balancing, SSL Termination, and Name-based Virtual Hosting.^[400-devops__06-Kubernetes__k8s-learning__06.ingress__README.md] It accepts traffic from external sources and routes it to specific services within the cluster based on defined rules, such as hostnames (e.g., yudady.ml) or paths.^[400-devops-06-kubernetes-devops-helm-helm-jenkins-todo.md, 400-devops__06-Kubernetes__k8s-learning__linux__02-ingress__README.md]

A core feature is the ability to map a domain (host) to a specific backend service. For example, an Ingress resource can route traffic for myapp.od.com to a service named myapp-svc.^[400-devops__06-Kubernetes__k8s-learning__linux__02-ingress__README.md, 400-devops-06-kubernetes-devops-helm-helm-jenkins-todo.md]

Deployment and Installation¶

The controller can be deployed using various methods, including kubectl with official YAML manifests or via Helm.

Using Helm ¶

For environments like Docker Desktop, the controller can be installed using the official Helm chart:

[Helm](<./helm.md>) upgrade --install ingress-nginx ingress-nginx \
  --repo https://kubernetes.github.io/ingress-nginx \
  --namespace ingress-nginx --create-namespace

^[400-devops-06-kubernetes-k8s-ingress-controller-docker-desktop-readme.md, 400-devops__06-Kubernetes__k8s-ingress-controller-docker-desktop__README.md]

Using Manifests (kubectl)¶

Alternatively, it can be applied directly using YAML manifests. A typical deployment creates a dedicated namespace (ingress-nginx), service accounts, ConfigMaps, RBAC roles, and a deployment for the controller itself.^[400-devops__06-Kubernetes__k8s-learning__06.ingress__README.md, 400-devops__06-Kubernetes__k8s-learning__linux__02-ingress__README.md]

[kubectl](<./kubectl.md>) apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.3.1/deploy/static/provider/cloud/deploy.yaml

^[400-devops-06-kubernetes-k8s-ingress-controller-docker-desktop-readme.md, 400-devops__06-Kubernetes__k8s-ingress-controller-docker-desktop__README.md]

Service Exposure Types¶

The way the Ingress Controller exposes itself to the outside world depends on the Kubernetes environment configuration:

LoadBalancer: In cloud environments or those supporting it, the controller service is often of type LoadBalancer, which provisions an external IP address.^[400-devops__06-Kubernetes__k8s-learning__06.ingress__README.md]
NodePort: In bare-metal or self-managed clusters (like the setup shown in hdss7-11), the service typically defaults to or is configured as NodePort, exposing the controller via specific ports on the cluster nodes (e.g., port 30035 for HTTP).^[400-devops__06-Kubernetes__k8s-learning__linux__02-ingress__README.md]
Port Forwarding: For local testing or development, users can forward a local port to the controller service.
```
[kubectl port-forward](<./kubectl-port-forward.md>) --namespace=ingress-nginx service/ingress-nginx-controller 8080:80
```
^[400-devops__06-Kubernetes__k8s-learning__06.ingress__README.md]

Configuration and Networking¶

Ingress Resources¶

Routing logic is defined by creating Ingress resources that specify the ingressClassName (e.g., nginx), the host, and the backend service.^[400-devops-06-kubernetes-devops-helm-helm-jenkins-todo.md]

External Nginx Integration¶

In production setups, an external Nginx server (running on a node like hdss7-12) can be configured as a reverse proxy to the Ingress Controller.^[400-devops__06-Kubernetes__k8s-learning__linux__02-ingress__README.md]

This involves defining an upstream block pointing to the NodePorts of the Ingress Controller and configuring a server_name (e.g., *.od.com) to catch relevant traffic.^[400-devops__06-Kubernetes__k8s-learning__linux__02-ingress__README.md]

DNS¶

Domain Name System (DNS) records must be configured to resolve the application domains (e.g., myapp.od.com) to the IP address of the external Nginx proxy or the LoadBalancer/Node IP.^[400-devops__06-Kubernetes__k8s-learning__linux__02-ingress__README.md]

Kubernetes
Helm
Ingress
[[Service]]
[[Load Balancer]]

Sources¶

400-devops-06-kubernetes-k8s-ingress-controller-docker-desktop-readme.md
400-devops-06-kubernetes-devops-helm-helm-jenkins-todo.md
400-devops-06-kubernetes-k8s-learning-06ingress-readme.md
400-devops__06-Kubernetes__k8s-ingress-controller-docker-desktop__README.md
400-devops__06-Kubernetes__k8s-learning__linux__02-ingress__README.md

NGINX Ingress Controller¶