kubernetes
/
ingress-nginx
mirror of https://github.com/kubernetes/ingress-nginx.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ingress-nginx/deploy/index.html

52 lines
52 KiB
HTML
Raw Blame History

<!doctype html><html lang=en class=no-js> <head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><link href=https://kubernetes.github.io/ingress-nginx/deploy/ rel=canonical><link rel="shortcut icon" href=../assets/images/favicon.png><meta name=generator content="mkdocs-1.1.2, mkdocs-material-6.2.4"><title>Installation Guide - NGINX Ingress Controller</title><link rel=stylesheet href=../assets/stylesheets/main.15aa0b43.min.css><link rel=stylesheet href=../assets/stylesheets/palette.75751829.min.css><meta name=theme-color content=#009485><link rel=preconnect href=https://fonts.gstatic.com crossorigin><link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700%7CRoboto+Mono&display=fallback"><style>body,input{font-family:"Roboto",-apple-system,BlinkMacSystemFont,Helvetica,Arial,sans-serif}code,kbd,pre{font-family:"Roboto Mono",SFMono-Regular,Consolas,Menlo,monospace}</style><link rel=stylesheet href=../extra.css><script>window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)},ga.l=+new Date,ga("create","UA-118407822-1","kubernetes.github.io"),ga("set","anonymizeIp",!0),ga("send","pageview"),document.addEventListener("DOMContentLoaded",function(){document.forms.search&&document.forms.search.query.addEventListener("blur",function(){if(this.value){var e=document.location.pathname;ga("send","pageview",e+"?q="+this.value)}})}),document.addEventListener("DOMContentSwitch",function(){ga("send","pageview",document.location.pathname)})</script><script async src=https://www.google-analytics.com/analytics.js></script></head> <body dir=ltr data-md-color-scheme data-md-color-primary=teal data-md-color-accent=green> <input class=md-toggle data-md-toggle=drawer type=checkbox id=__drawer autocomplete=off> <input class=md-toggle data-md-toggle=search type=checkbox id=__search autocomplete=off> <label class=md-overlay for=__drawer></label> <div data-md-component=skip> <a href=#installation-guide class=md-skip> Skip to content </a> </div> <div data-md-component=announce> </div> <header class=md-header data-md-component=header> <nav class="md-header-nav md-grid" aria-label=Header> <a href=https://kubernetes.github.io/ingress-nginx title="NGINX Ingress Controller" class="md-header-nav__button md-logo" aria-label="NGINX Ingress Controller"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 8a3 3 0 003-3 3 3 0 00-3-3 3 3 0 00-3 3 3 3 0 003 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg> </a> <label class="md-header-nav__button md-icon" for=__drawer> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2z"/></svg> </label> <div class=md-header-nav__title data-md-component=header-title> <div class=md-header-nav__ellipsis> <div class=md-header-nav__topic> <span class=md-ellipsis> NGINX Ingress Controller </span> </div> <div class=md-header-nav__topic> <span class=md-ellipsis> Installation Guide </span> </div> </div> </div> <label class="md-header-nav__button md-icon" for=__search> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg> </label> <div class=md-search data-md-component=search role=dialog> <label class=md-search__overlay for=__search></label> <div class=md-search__inner role=search> <form class=md-search__form name=search> <input type=text class=md-search__input name=query aria-label=Search placeholder=Search autocapitalize=off autocorrect=off autocomplete=off spellcheck=false data-md-component=search-query data-md-state=active required> <label class="md-search__icon md-icon" for=__search> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg> </label> <button type=reset class="md-search__icon md-icon" aria-label=Clear data-md-component=search-reset tabindex=-1> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M19 6.41L17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg> </button> </form> <div class=md-search__output> <div class=md-search__scrollwrap data-md-scrollfix> <div class=md-search-result data-md-component=search-result> <div class=md-search-result__meta> Initializing search </div> <ol class=md-search-result__list></ol> </div> </div> </div> </div> </div> <div class=md-header-nav__source> <a href=https://github.com/kubernetes/ingress-nginx/ title="Go to repository" class=md-source> <div class="md-source__icon md-icon"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 448 512"><path d="M439.55 236.05L244 40.45a28.87 28.87 0 00-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 01-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 000 40.81l195.61 195.6a28.86 28.86 0 0040.8 0l194.69-194.69a28.86 28.86 0 000-40.81z"/></svg> </div> <div class=md-source__repository> kubernetes/ingress-nginx </div> </a> </div> </nav> </header> <div class=md-container data-md-component=container> <nav class=md-tabs aria-label=Tabs data-md-component=tabs> <div class="md-tabs__inner md-grid"> <ul class=md-tabs__list> <li class=md-tabs__item> <a href=.. class=md-tabs__link> Welcome </a> </li> <li class=md-tabs__item> <a href=./ class="md-tabs__link md-tabs__link--active"> Deployment </a> </li> <li class=md-tabs__item> <a href=../user-guide/nginx-configuration/ class=md-tabs__link> User guide </a> </li> <li class=md-tabs__item> <a href=../examples/ class=md-tabs__link> Examples </a> </li> <li class=md-tabs__item> <a href=../developer-guide/getting-started/ class=md-tabs__link> Developer Guide </a> </li> </ul> </div> </nav> <main class=md-main data-md-component=main> <div class="md-main__inner md-grid"> <div class="md-sidebar md-sidebar--primary" data-md-component=navigation> <div class=md-sidebar__scrollwrap> <div class=md-sidebar__inner> <nav class="md-nav md-nav--primary md-nav--lifted" aria-label=Navigation data-md-level=0> <label class=md-nav__title for=__drawer> <a href=https://kubernetes.github.io/ingress-nginx title="NGINX Ingress Controller" class="md-nav__button md-logo" aria-label="NGINX Ingress Controller"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 8a3 3 0 003-3 3 3 0 00-3-3 3 3 0 00-3 3 3 3 0 003 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg> </a> NGINX Ingress Controller </label> <div class=md-nav__source> <a href=https://github.com/kubernetes/ingress-nginx/ title="Go to repository" class=md-source> <div class="md-source__icon md-icon"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 448 512"><path d="M439.55 236.05L244 40.45a28.87 28.87 0 00-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 01-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 000 40.81l195.61 195.6a28.86 28.86 0 0040.8 0l194.69-194.69a28.86 28.86 0 000-40.81z"/></svg> </div> <div class=md-source__repository> kubernetes/ingress-nginx </div> </a> </div> <ul class=md-nav__list data-md-scrollfix> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-1 type=checkbox id=nav-1> <label class=md-nav__link for=nav-1> Welcome <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label=Welcome data-md-level=1> <label class=md-nav__title for=nav-1> <span class="md-nav__icon md-icon"></span> Welcome </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=.. class=md-nav__link> Welcome </a> </li> <li class=md-nav__item> <a href=../how-it-works/ class=md-nav__link> How it works </a> </li> <li class=md-nav__item> <a href=../troubleshooting/ class=md-nav__link> Troubleshooting </a> </li> <li class=md-nav__item> <a href=../kubectl-plugin/ class=md-nav__link> kubectl plugin </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--active md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-2 type=checkbox id=nav-2 checked> <label class=md-nav__link for=nav-2> Deployment <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label=Deployment data-md-level=1> <label class=md-nav__title for=nav-2> <span class="md-nav__icon md-icon"></span> Deployment </label> <ul class=md-nav__list data-md-scrollfix> <li class="md-nav__item md-nav__item--active"> <input class="md-nav__toggle md-toggle" data-md-toggle=toc type=checkbox id=__toc> <label class="md-nav__link md-nav__link--active" for=__toc> Installation Guide <span class="md-nav__icon md-icon"></span> </label> <a href=./ class="md-nav__link md-nav__link--active"> Installation Guide </a> <nav class="md-nav md-nav--secondary" aria-label="Table of contents"> <label class=md-nav__title for=__toc> <span class="md-nav__icon md-icon"></span> Table of contents </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=#contents class=md-nav__link> Contents </a> </li> <li class=md-nav__item> <a href=#quick-start class=md-nav__link> Quick start </a> <nav class=md-nav aria-label="Quick start"> <ul class=md-nav__list> <li class=md-nav__item> <a href=#pre-flight-check class=md-nav__link> Pre-flight check </a> </li> <li class=md-nav__item> <a href=#local-testing class=md-nav__link> Local testing </a> </li> <li class=md-nav__item> <a href=#online-testing class=md-nav__link> Online testing </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#environment-specific-instructions class=md-nav__link> Environment-specific instructions </a> <nav class=md-nav aria-label="Environment-specific instructions"> <ul class=md-nav__list> <li class=md-nav__item> <a href=#local-development-clusters class=md-nav__link> Local development clusters </a> <nav class=md-nav aria-label="Local development clusters"> <ul class=md-nav__list> <li class=md-nav__item> <a href=#minikube class=md-nav__link> minikube </a> </li> <li class=md-nav__item> <a href=#microk8s class=md-nav__link> MicroK8s </a> </li> <li class=md-nav__item> <a href=#docker-desktop class=md-nav__link> Docker Desktop </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#cloud-deployments class=md-nav__link> Cloud deployments </a> <nav class=md-nav aria-label="Cloud deployments"> <ul class=md-nav__list> <li class=md-nav__item> <a href=#aws class=md-nav__link> AWS </a> <nav class=md-nav aria-label=AWS> <ul class=md-nav__list> <li class=md-nav__item> <a href=#network-load-balancer-nlb class=md-nav__link> Network Load Balancer (NLB) </a> </li> <li class=md-nav__item> <a href=#tls-termination-in-aws-load-balancer-nlb class=md-nav__link> TLS termination in AWS Load Balancer (NLB) </a> </li> <li class=md-nav__item> <a href=#nlb-idle-timeouts class=md-nav__link> NLB Idle Timeouts </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#gce-gke class=md-nav__link> GCE-GKE </a> </li> <li class=md-nav__item> <a href=#azure class=md-nav__link> Azure </a> </li> <li class=md-nav__item> <a href=#digital-ocean class=md-nav__link> Digital Ocean </a> </li> <li class=md-nav__item> <a href=#scaleway class=md-nav__link> Scaleway </a> </li> <li class=md-nav__item> <a href=#exoscale class=md-nav__link> Exoscale </a> </li> <li class=md-nav__item> <a href=#oracle-cloud-infrastructure class=md-nav__link> Oracle Cloud Infrastructure </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#bare-metal-clusters class=md-nav__link> Bare metal clusters </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#miscellaneous class=md-nav__link> Miscellaneous </a> <nav class=md-nav aria-label=Miscellaneous> <ul class=md-nav__list> <li class=md-nav__item> <a href=#checking-ingress-controller-version class=md-nav__link> Checking ingress controller version </a> </li> <li class=md-nav__item> <a href=#scope class=md-nav__link> Scope </a> </li> <li class=md-nav__item> <a href=#webhook-network-access class=md-nav__link> Webhook network access </a> </li> <li class=md-nav__item> <a href=#certificate-generation class=md-nav__link> Certificate generation </a> </li> <li class=md-nav__item> <a href=#running-on-kubernetes-versions-older-than-119 class=md-nav__link> Running on Kubernetes versions older than 1.19 </a> </li> </ul> </nav> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=baremetal/ class=md-nav__link> Bare-metal considerations </a> </li> <li class=md-nav__item> <a href=rbac/ class=md-nav__link> Role Based Access Control (RBAC) </a> </li> <li class=md-nav__item> <a href=upgrade/ class=md-nav__link> Upgrade </a> </li> <li class=md-nav__item> <a href=hardening-guide/ class=md-nav__link> Hardening guide </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-3 type=checkbox id=nav-3> <label class=md-nav__link for=nav-3> User guide <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label="User guide" data-md-level=1> <label class=md-nav__title for=nav-3> <span class="md-nav__icon md-icon"></span> User guide </label> <ul class=md-nav__list data-md-scrollfix> <li class="md-nav__item md-nav__item--section md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-3-1 type=checkbox id=nav-3-1> <label class=md-nav__link for=nav-3-1> NGINX Configuration <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label="NGINX Configuration" data-md-level=2> <label class=md-nav__title for=nav-3-1> <span class="md-nav__icon md-icon"></span> NGINX Configuration </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../user-guide/nginx-configuration/ class=md-nav__link> Introduction </a> </li> <li class=md-nav__item> <a href=../user-guide/basic-usage/ class=md-nav__link> Basic usage </a> </li> <li class=md-nav__item> <a href=../user-guide/nginx-configuration/annotations/ class=md-nav__link> Annotations </a> </li> <li class=md-nav__item> <a href=../user-guide/nginx-configuration/configmap/ class=md-nav__link> ConfigMap </a> </li> <li class=md-nav__item> <a href=../user-guide/nginx-configuration/custom-template/ class=md-nav__link> Custom NGINX template </a> </li> <li class=md-nav__item> <a href=../user-guide/nginx-configuration/log-format/ class=md-nav__link> Log format </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=../user-guide/cli-arguments/ class=md-nav__link> Command line arguments </a> </li> <li class=md-nav__item> <a href=../user-guide/custom-errors/ class=md-nav__link> Custom errors </a> </li> <li class=md-nav__item> <a href=../user-guide/default-backend/ class=md-nav__link> Default backend </a> </li> <li class=md-nav__item> <a href=../user-guide/exposing-tcp-udp-services/ class=md-nav__link> Exposing TCP and UDP services </a> </li> <li class=md-nav__item> <a href=../user-guide/fcgi-services/ class=md-nav__link> Exposing FCGI services </a> </li> <li class=md-nav__item> <a href=../user-guide/ingress-path-matching/ class=md-nav__link> Regular expressions in paths </a> </li> <li class=md-nav__item> <a href=../user-guide/external-articles/ class=md-nav__link> External Articles </a> </li> <li class=md-nav__item> <a href=../user-guide/miscellaneous/ class=md-nav__link> Miscellaneous </a> </li> <li class=md-nav__item> <a href=../user-guide/monitoring/ class=md-nav__link> Prometheus and Grafana installation </a> </li> <li class=md-nav__item> <a href=../user-guide/multiple-ingress/ class=md-nav__link> Multiple Ingress controllers </a> </li> <li class=md-nav__item> <a href=../user-guide/tls/ class=md-nav__link> TLS/HTTPS </a> </li> <li class="md-nav__item md-nav__item--section md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-3-13 type=checkbox id=nav-3-13> <label class=md-nav__link for=nav-3-13> Third party addons <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label="Third party addons" data-md-level=2> <label class=md-nav__title for=nav-3-13> <span class="md-nav__icon md-icon"></span> Third party addons </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../user-guide/third-party-addons/modsecurity/ class=md-nav__link> ModSecurity Web Application Firewall </a> </li> <li class=md-nav__item> <a href=../user-guide/third-party-addons/opentracing/ class=md-nav__link> OpenTracing </a> </li> </ul> </nav> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-4 type=checkbox id=nav-4> <label class=md-nav__link for=nav-4> Examples <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label=Examples data-md-level=1> <label class=md-nav__title for=nav-4> <span class="md-nav__icon md-icon"></span> Examples </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../examples/ class=md-nav__link> Introduction </a> </li> <li class=md-nav__item> <a href=../examples/PREREQUISITES/ class=md-nav__link> Prerequisites </a> </li> <li class=md-nav__item> <a href=../examples/affinity/cookie/ class=md-nav__link> Sticky Sessions </a> </li> <li class="md-nav__item md-nav__item--section md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-4-4 type=checkbox id=nav-4-4> <label class=md-nav__link for=nav-4-4> Auth <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label=Auth data-md-level=2> <label class=md-nav__title for=nav-4-4> <span class="md-nav__icon md-icon"></span> Auth </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../examples/auth/basic/ class=md-nav__link> Basic Authentication </a> </li> <li class=md-nav__item> <a href=../examples/auth/client-certs/ class=md-nav__link> Client Certificate Authentication </a> </li> <li class=md-nav__item> <a href=../examples/auth/external-auth/ class=md-nav__link> External Basic Authentication </a> </li> <li class=md-nav__item> <a href=../examples/auth/oauth-external-auth/ class=md-nav__link> External OAUTH Authentication </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--section md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-4-5 type=checkbox id=nav-4-5> <label class=md-nav__link for=nav-4-5> Customization <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label=Customization data-md-level=2> <label class=md-nav__title for=nav-4-5> <span class="md-nav__icon md-icon"></span> Customization </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../examples/customization/configuration-snippets/ class=md-nav__link> Configuration Snippets </a> </li> <li class=md-nav__item> <a href=../examples/customization/custom-configuration/ class=md-nav__link> Custom Configuration </a> </li> <li class=md-nav__item> <a href=../examples/customization/custom-errors/ class=md-nav__link> Custom Errors </a> </li> <li class=md-nav__item> <a href=../examples/customization/custom-headers/ class=md-nav__link> Custom Headers </a> </li> <li class=md-nav__item> <a href=../examples/customization/external-auth-headers/ class=md-nav__link> External authentication </a> </li> <li class=md-nav__item> <a href=../examples/customization/ssl-dh-param/ class=md-nav__link> Custom DH parameters for perfect forward secrecy </a> </li> <li class=md-nav__item> <a href=../examples/customization/sysctl/ class=md-nav__link> Sysctl tuning </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=../examples/docker-registry/ class=md-nav__link> Docker registry </a> </li> <li class=md-nav__item> <a href=../examples/grpc/ class=md-nav__link> gRPC </a> </li> <li class=md-nav__item> <a href=../examples/multi-tls/ class=md-nav__link> Multi TLS certificate termination </a> </li> <li class=md-nav__item> <a href=../examples/rewrite/ class=md-nav__link> Rewrite </a> </li> <li class=md-nav__item> <a href=../examples/static-ip/ class=md-nav__link> Static IPs </a> </li> <li class=md-nav__item> <a href=../examples/tls-termination/ class=md-nav__link> TLS termination </a> </li> <li class=md-nav__item> <a href=../examples/psp/ class=md-nav__link> Pod Security Policy (PSP) </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-5 type=checkbox id=nav-5> <label class=md-nav__link for=nav-5> Developer Guide <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label="Developer Guide" data-md-level=1> <label class=md-nav__title for=nav-5> <span class="md-nav__icon md-icon"></span> Developer Guide </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../developer-guide/getting-started/ class=md-nav__link> Getting Started </a> </li> <li class=md-nav__item> <a href=../developer-guide/code-overview/ class=md-nav__link> Code Overview </a> </li> </ul> </nav> </li> </ul> </nav> </div> </div> </div> <div class="md-sidebar md-sidebar--secondary" data-md-component=toc> <div class=md-sidebar__scrollwrap> <div class=md-sidebar__inner> <nav class="md-nav md-nav--secondary" aria-label="Table of contents"> <label class=md-nav__title for=__toc> <span class="md-nav__icon md-icon"></span> Table of contents </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=#contents class=md-nav__link> Contents </a> </li> <li class=md-nav__item> <a href=#quick-start class=md-nav__link> Quick start </a> <nav class=md-nav aria-label="Quick start"> <ul class=md-nav__list> <li class=md-nav__item> <a href=#pre-flight-check class=md-nav__link> Pre-flight check </a> </li> <li class=md-nav__item> <a href=#local-testing class=md-nav__link> Local testing </a> </li> <li class=md-nav__item> <a href=#online-testing class=md-nav__link> Online testing </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#environment-specific-instructions class=md-nav__link> Environment-specific instructions </a> <nav class=md-nav aria-label="Environment-specific instructions"> <ul class=md-nav__list> <li class=md-nav__item> <a href=#local-development-clusters class=md-nav__link> Local development clusters </a> <nav class=md-nav aria-label="Local development clusters"> <ul class=md-nav__list> <li class=md-nav__item> <a href=#minikube class=md-nav__link> minikube </a> </li> <li class=md-nav__item> <a href=#microk8s class=md-nav__link> MicroK8s </a> </li> <li class=md-nav__item> <a href=#docker-desktop class=md-nav__link> Docker Desktop </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#cloud-deployments class=md-nav__link> Cloud deployments </a> <nav class=md-nav aria-label="Cloud deployments"> <ul class=md-nav__list> <li class=md-nav__item> <a href=#aws class=md-nav__link> AWS </a> <nav class=md-nav aria-label=AWS> <ul class=md-nav__list> <li class=md-nav__item> <a href=#network-load-balancer-nlb class=md-nav__link> Network Load Balancer (NLB) </a> </li> <li class=md-nav__item> <a href=#tls-termination-in-aws-load-balancer-nlb class=md-nav__link> TLS termination in AWS Load Balancer (NLB) </a> </li> <li class=md-nav__item> <a href=#nlb-idle-timeouts class=md-nav__link> NLB Idle Timeouts </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#gce-gke class=md-nav__link> GCE-GKE </a> </li> <li class=md-nav__item> <a href=#azure class=md-nav__link> Azure </a> </li> <li class=md-nav__item> <a href=#digital-ocean class=md-nav__link> Digital Ocean </a> </li> <li class=md-nav__item> <a href=#scaleway class=md-nav__link> Scaleway </a> </li> <li class=md-nav__item> <a href=#exoscale class=md-nav__link> Exoscale </a> </li> <li class=md-nav__item> <a href=#oracle-cloud-infrastructure class=md-nav__link> Oracle Cloud Infrastructure </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#bare-metal-clusters class=md-nav__link> Bare metal clusters </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#miscellaneous class=md-nav__link> Miscellaneous </a> <nav class=md-nav aria-label=Miscellaneous> <ul class=md-nav__list> <li class=md-nav__item> <a href=#checking-ingress-controller-version class=md-nav__link> Checking ingress controller version </a> </li> <li class=md-nav__item> <a href=#scope class=md-nav__link> Scope </a> </li> <li class=md-nav__item> <a href=#webhook-network-access class=md-nav__link> Webhook network access </a> </li> <li class=md-nav__item> <a href=#certificate-generation class=md-nav__link> Certificate generation </a> </li> <li class=md-nav__item> <a href=#running-on-kubernetes-versions-older-than-119 class=md-nav__link> Running on Kubernetes versions older than 1.19 </a> </li> </ul> </nav> </li> </ul> </nav> </div> </div> </div> <div class=md-content> <article class="md-content__inner md-typeset"> <a href=https://github.com/kubernetes/ingress-nginx/edit/main/docs/deploy/index.md title="Edit this page" class="md-content__button md-icon"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M20.71 7.04c.39-.39.39-1.04 0-1.41l-2.34-2.34c-.37-.39-1.02-.39-1.41 0l-1.84 1.83 3.75 3.75M3 17.25V21h3.75L17.81 9.93l-3.75-3.75L3 17.25z"/></svg> </a> <h1 id=installation-guide>Installation Guide<a class=headerlink href=#installation-guide title="Permanent link"></a></h1> <p>There are multiple ways to install the NGINX ingress controller:</p> <ul> <li>with <a href=https://helm.sh>Helm</a>, using the project repository chart;</li> <li>with <code>kubectl apply</code>, using YAML manifests;</li> <li>with specific addons (e.g. for <a href=#minikube>minikube</a> or <a href=#microk8s>MicroK8s</a>).</li> </ul> <p>On most Kubernetes clusters, the ingress controller will work without requiring any extra configuration. If you want to get started as fast as possible, you can check the <a href=#quick-start>quick start</a> instructions. However, in many environments, you can improve the performance or get better logs by enabling extra features. we recommend that you check the <a href=#environment-specific-instructions>environment-specific instructions</a> for details about optimizing the ingress controller for your particular environment or cloud provider.</p> <h2 id=contents>Contents<a class=headerlink href=#contents title="Permanent link"></a></h2> <!-- Quick tip: run `grep '^##' index.md` to check that the table of contents is up to date. --> <ul> <li> <p><a href=#quick-start>Quick start</a></p> </li> <li> <p><a href=#environment-specific-instructions>Environment-specific instructions</a></p> </li> <li>... <a href=#docker-desktop>Docker Desktop</a></li> <li>... <a href=#minikube>minikube</a></li> <li>... <a href=#microk8s>MicroK8s</a></li> <li>... <a href=#aws>AWS</a></li> <li>... <a href=#gce-gke>GCE - GKE</a></li> <li>... <a href=#azure>Azure</a></li> <li>... <a href=#digital-ocean>Digital Ocean</a></li> <li>... <a href=#scaleway>Scaleway</a></li> <li>... <a href=#exoscale>Exoscale</a></li> <li>... <a href=#oracle-cloud-infrastructure>Oracle Cloud Infrastructure</a></li> <li>... <a href=#bare-metal-clusters>Bare-metal</a></li> <li><a href=#miscellaneous>Miscellaneous</a></li> </ul> <!-- TODO: We have subdirectories for kubernetes versions now because of a PR https://github.com/kubernetes/ingress-nginx/pull/8162 . You can see this here https://github.com/kubernetes/ingress-nginx/tree/main/deploy/static/provider/cloud . We need to add documentation here that is clear and unambiguous in guiding users to pick the deployment manifest under a subdirectory, based on the K8S version being used. But until the explicit clear docs land here, users are recommended to feel free to use those subdirectories and get the manifest(s) related to their K8S version. --> <h2 id=quick-start>Quick start<a class=headerlink href=#quick-start title="Permanent link"></a></h2> <p><strong>If you have Helm,</strong> you can deploy the ingress controller with the following command:</p> <div class=highlight><pre><span></span><code><span class=go>helm upgrade --install ingress-nginx ingress-nginx \</span>
<span class=go> --repo https://kubernetes.github.io/ingress-nginx \</span>
<span class=go> --namespace ingress-nginx --create-namespace</span>
</code></pre></div> <p>It will install the controller in the <code>ingress-nginx</code> namespace, creating that namespace if it doesn't already exist.</p> <div class="admonition info"> <p class=admonition-title>Info</p> <p>This command is <em>idempotent</em>:</p> <ul> <li>if the ingress controller is not installed, it will install it,</li> <li>if the ingress controller is already installed, it will upgrade it.</li> </ul> </div> <p><strong>If you don't have Helm</strong> or if you prefer to use a YAML manifest, you can run the following command instead:</p> <div class=highlight><pre><span></span><code><span class=go>kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.1/deploy/static/provider/cloud/deploy.yaml</span>
</code></pre></div> <div class="admonition info"> <p class=admonition-title>Info</p> <p>The YAML manifest in the command above was generated with <code>helm template</code>, so you will end up with almost the same resources as if you had used Helm to install the controller.</p> </div> <div class="admonition attention"> <p class=admonition-title>Attention</p> </div> <p>If you are running an old version of Kubernetes (1.18 or earlier), please read <a href=#running-on-Kubernetes-versions-older-than-1.19>this paragraph</a> for specific instructions. Because of api deprecations, the default manifest may not work on your cluster. Specific manifests for supported Kubernetes versions are available within a subfolder of each provider.</p> <h3 id=pre-flight-check>Pre-flight check<a class=headerlink href=#pre-flight-check title="Permanent link"></a></h3> <p>A few pods should start in the <code>ingress-nginx</code> namespace:</p> <div class=highlight><pre><span></span><code><span class=go>kubectl get pods --namespace=ingress-nginx</span>
</code></pre></div> <p>After a while, they should all be running. The following command will wait for the ingress controller pod to be up, running, and ready:</p> <div class=highlight><pre><span></span><code><span class=go>kubectl wait --namespace ingress-nginx \</span>
<span class=go> --for=condition=ready pod \</span>
<span class=go> --selector=app.kubernetes.io/component=controller \</span>
<span class=go> --timeout=120s</span>
</code></pre></div> <h3 id=local-testing>Local testing<a class=headerlink href=#local-testing title="Permanent link"></a></h3> <p>Let's create a simple web server and the associated service:</p> <div class=highlight><pre><span></span><code><span class=go>kubectl create deployment demo --image=httpd --port=80</span>
<span class=go>kubectl expose deployment demo</span>
</code></pre></div> <p>Then create an ingress resource. The following example uses an host that maps to <code>localhost</code>:</p> <div class=highlight><pre><span></span><code><span class=go>kubectl create ingress demo-localhost --class=nginx \</span>
<span class=go> --rule=&quot;demo.localdev.me/*=demo:80&quot;</span>
</code></pre></div> <p>Now, forward a local port to the ingress controller:</p> <div class=highlight><pre><span></span><code><span class=go>kubectl port-forward --namespace=ingress-nginx service/ingress-nginx-controller 8080:80</span>
</code></pre></div> <p>At this point, if you access http://demo.localdev.me:8080/, you should see an HTML page telling you "It works!".</p> <h3 id=online-testing>Online testing<a class=headerlink href=#online-testing title="Permanent link"></a></h3> <p>If your Kubernetes cluster is a "real" cluster that supports services of type <code>LoadBalancer</code>, it will have allocated an external IP address or FQDN to the ingress controller.</p> <p>You can see that IP address or FQDN with the following command:</p> <div class=highlight><pre><span></span><code><span class=go>kubectl get service ingress-nginx-controller --namespace=ingress-nginx</span>
</code></pre></div> <p>It will be the <code>EXTERNAL-IP</code> field. If that field shows <code>&lt;pending&gt;</code>, this means that your Kubernetes cluster wasn't able to provision the load balancer (generally, this is because it doesn't support services of type <code>LoadBalancer</code>).</p> <p>Once you have the external IP address (or FQDN), set up a DNS record pointing to it. Then you can create an ingress resource. The following example assumes that you have set up a DNS record for <code>www.demo.io</code>:</p> <div class=highlight><pre><span></span><code><span class=go>kubectl create ingress demo --class=nginx \</span>
<span class=go> --rule=&quot;www.demo.io/*=demo:80&quot;</span>
</code></pre></div> <p>Alternatively, the above command can be rewritten as follows for the <code>--rule</code> command and below. <div class=highlight><pre><span></span><code><span class=go>kubectl create ingress demo --class=nginx \</span>
<span class=go> --rule www.demo.io/=demo:80</span>
</code></pre></div></p> <p>You should then be able to see the "It works!" page when you connect to http://www.demo.io/. Congratulations, you are serving a public web site hosted on a Kubernetes cluster! 🎉</p> <h2 id=environment-specific-instructions>Environment-specific instructions<a class=headerlink href=#environment-specific-instructions title="Permanent link"></a></h2> <h3 id=local-development-clusters>Local development clusters<a class=headerlink href=#local-development-clusters title="Permanent link"></a></h3> <h4 id=minikube>minikube<a class=headerlink href=#minikube title="Permanent link"></a></h4> <p>The ingress controller can be installed through minikube's addons system:</p> <div class=highlight><pre><span></span><code><span class=go>minikube addons enable ingress</span>
</code></pre></div> <h4 id=microk8s>MicroK8s<a class=headerlink href=#microk8s title="Permanent link"></a></h4> <p>The ingress controller can be installed through MicroK8s's addons system:</p> <div class=highlight><pre><span></span><code><span class=go>microk8s enable ingress</span>
</code></pre></div> <p>Please check the MicroK8s <a href=https://microk8s.io/docs/addon-ingress>documentation page</a> for details.</p> <h4 id=docker-desktop>Docker Desktop<a class=headerlink href=#docker-desktop title="Permanent link"></a></h4> <p>Kubernetes is available in Docker Desktop:</p> <ul> <li>Mac, from <a href=https://docs.docker.com/docker-for-mac/release-notes/#stable-releases-of-2018>version 18.06.0-ce</a></li> <li>Windows, from <a href=https://docs.docker.com/docker-for-windows/release-notes/#docker-community-edition-18060-ce-win70-2018-07-25>version 18.06.0-ce</a></li> </ul> <p>First, make sure that Kubernetes is enabled in the Docker settings. The command <code>kubectl get nodes</code> should show a single node called <code>docker-desktop</code>.</p> <p>The ingress controller can be installed on Docker Desktop using the default <a href=#quick-start>quick start</a> instructions.</p> <p>On most systems, if you don't have any other service of type <code>LoadBalancer</code> bound to port 80, the ingress controller will be assigned the <code>EXTERNAL-IP</code> of <code>localhost</code>, which means that it will be reachable on localhost:80. If that doesn't work, you might have to fall back to the <code>kubectl port-forward</code> method described in the <a href=#local-testing>local testing section</a>.</p> <h3 id=cloud-deployments>Cloud deployments<a class=headerlink href=#cloud-deployments title="Permanent link"></a></h3> <p>If the load balancers of your cloud provider do active healthchecks on their backends (most do), you can change the <code>externalTrafficPolicy</code> of the ingress controller Service to <code>Local</code> (instead of the default <code>Cluster</code>) to save an extra hop in some cases. If you're installing with Helm, this can be done by adding <code>--set controller.service.externalTrafficPolicy=Local</code> to the <code>helm install</code> or <code>helm upgrade</code> command.</p> <p>Furthermore, if the load balancers of your cloud provider support the PROXY protocol, you can enable it, and it will let the ingress controller see the real IP address of the clients. Otherwise, it will generally see the IP address of the upstream load balancer. This must be done both in the ingress controller (with e.g. <code>--set controller.config.use-proxy-protocol=true</code>) and in the cloud provider's load balancer configuration to function correctly.</p> <p>In the following sections, we provide YAML manifests that enable these options when possible, using the specific options of various cloud providers.</p> <h4 id=aws>AWS<a class=headerlink href=#aws title="Permanent link"></a></h4> <p>In AWS we use a Network load balancer (NLB) to expose the NGINX Ingress controller behind a Service of <code>Type=LoadBalancer</code>.</p> <div class="admonition info"> <p class=admonition-title>Info</p> <p>The provided templates illustrate the setup for legacy in-tree service load balancer for AWS NLB. AWS provides the documentation on how to use <a href=https://docs.aws.amazon.com/eks/latest/userguide/network-load-balancing.html>Network load balancing on Amazon EKS</a> with <a href=https://github.com/kubernetes-sigs/aws-load-balancer-controller>AWS Load Balancer Controller</a>.</p> </div> <h5 id=network-load-balancer-nlb>Network Load Balancer (NLB)<a class=headerlink href=#network-load-balancer-nlb title="Permanent link"></a></h5> <div class=highlight><pre><span></span><code><span class=go>kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.1/deploy/static/provider/aws/deploy.yaml</span>
</code></pre></div> <h5 id=tls-termination-in-aws-load-balancer-nlb>TLS termination in AWS Load Balancer (NLB)<a class=headerlink href=#tls-termination-in-aws-load-balancer-nlb title="Permanent link"></a></h5> <p>By default, TLS is terminated in the ingress controller. But it is also possible to terminate TLS in the Load Balancer. This section explains how to do that on AWS using an NLB.</p> <ol> <li>Download the <a href=https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.1/deploy/static/provider/aws/nlb-with-tls-termination/deploy.yaml>deploy.yaml</a> template</li> </ol> <div class=highlight><pre><span></span><code><span class=go>wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.1/deploy/static/provider/aws/nlb-with-tls-termination/deploy.yaml</span>
</code></pre></div> <ol> <li> <p>Edit the file and change the VPC CIDR in use for the Kubernetes cluster: <div class=highlight><pre><span></span><code>proxy-real-ip-cidr: XXX.XXX.XXX/XX
</code></pre></div></p> </li> <li> <p>Change the AWS Certificate Manager (ACM) ID as well: <div class=highlight><pre><span></span><code>arn:aws:acm:us-west-2:XXXXXXXX:certificate/XXXXXX-XXXXXXX-XXXXXXX-XXXXXXXX
</code></pre></div></p> </li> <li> <p>Deploy the manifest: <div class=highlight><pre><span></span><code><span class=go>kubectl apply -f deploy.yaml</span>
</code></pre></div></p> </li> </ol> <h5 id=nlb-idle-timeouts>NLB Idle Timeouts<a class=headerlink href=#nlb-idle-timeouts title="Permanent link"></a></h5> <p>Idle timeout value for TCP flows is 350 seconds and <a href=https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#connection-idle-timeout>cannot be modified</a>.</p> <p>For this reason, you need to ensure the <a href=https://nginx.org/en/docs/http/ngx_http_core_module.html#keepalive_timeout>keepalive_timeout</a> value is configured less than 350 seconds to work as expected.</p> <p>By default NGINX <code>keepalive_timeout</code> is set to <code>75s</code>.</p> <p>More information with regards to timeouts can be found in the <a href=https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#connection-idle-timeout>official AWS documentation</a></p> <h4 id=gce-gke>GCE-GKE<a class=headerlink href=#gce-gke title="Permanent link"></a></h4> <p>First, your user needs to have <code>cluster-admin</code> permissions on the cluster. This can be done with the following command:</p> <div class=highlight><pre><span></span><code><span class=go>kubectl create clusterrolebinding cluster-admin-binding \</span>
<span class=go> --clusterrole cluster-admin \</span>
<span class=go> --user $(gcloud config get-value account)</span>
</code></pre></div> <p>Then, the ingress controller can be installed like this:</p> <div class=highlight><pre><span></span><code><span class=go>kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.1/deploy/static/provider/cloud/deploy.yaml</span>
</code></pre></div> <div class="admonition warning"> <p class=admonition-title>Warning</p> <p>For private clusters, you will need to either add an additional firewall rule that allows master nodes access to port <code>8443/tcp</code> on worker nodes, or change the existing rule that allows access to ports <code>80/tcp</code>, <code>443/tcp</code> and <code>10254/tcp</code> to also allow access to port <code>8443/tcp</code>.</p> <p>See the <a href=https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#add_firewall_rules>GKE documentation</a> on adding rules and the <a href=https://github.com/kubernetes/kubernetes/issues/79739>Kubernetes issue</a> for more detail.</p> </div> <div class="admonition warning"> <p class=admonition-title>Warning</p> <p>Proxy protocol is not supported in GCE/GKE.</p> </div> <h4 id=azure>Azure<a class=headerlink href=#azure title="Permanent link"></a></h4> <div class=highlight><pre><span></span><code><span class=go>kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.1/deploy/static/provider/cloud/deploy.yaml</span>
</code></pre></div> <p>More information with regards to Azure annotations for ingress controller can be found in the <a href=https://docs.microsoft.com/en-us/azure/aks/ingress-internal-ip#create-an-ingress-controller>official AKS documentation</a>.</p> <h4 id=digital-ocean>Digital Ocean<a class=headerlink href=#digital-ocean title="Permanent link"></a></h4> <div class=highlight><pre><span></span><code><span class=go>kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.1/deploy/static/provider/do/deploy.yaml</span>
</code></pre></div> <h4 id=scaleway>Scaleway<a class=headerlink href=#scaleway title="Permanent link"></a></h4> <div class=highlight><pre><span></span><code><span class=go>kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.1/deploy/static/provider/scw/deploy.yaml</span>
</code></pre></div> <h4 id=exoscale>Exoscale<a class=headerlink href=#exoscale title="Permanent link"></a></h4> <div class=highlight><pre><span></span><code><span class=go>kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/exoscale/deploy.yaml</span>
</code></pre></div> <p>The full list of annotations supported by Exoscale is available in the Exoscale Cloud Controller Manager <a href=https://github.com/exoscale/exoscale-cloud-controller-manager/blob/master/docs/service-loadbalancer.md>documentation</a>.</p> <h4 id=oracle-cloud-infrastructure>Oracle Cloud Infrastructure<a class=headerlink href=#oracle-cloud-infrastructure title="Permanent link"></a></h4> <div class=highlight><pre><span></span><code><span class=go>kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.1/deploy/static/provider/cloud/deploy.yaml</span>
</code></pre></div> <p>A <a href=https://github.com/oracle/oci-cloud-controller-manager/blob/master/docs/load-balancer-annotations.md>complete list of available annotations for Oracle Cloud Infrastructure</a> can be found in the <a href=https://github.com/oracle/oci-cloud-controller-manager>OCI Cloud Controller Manager</a> documentation.</p> <h3 id=bare-metal-clusters>Bare metal clusters<a class=headerlink href=#bare-metal-clusters title="Permanent link"></a></h3> <p>This section is applicable to Kubernetes clusters deployed on bare metal servers, as well as "raw" VMs where Kubernetes was installed manually, using generic Linux distros (like CentOS, Ubuntu...)</p> <p>For quick testing, you can use a <a href=https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport>NodePort</a>. This should work on almost every cluster, but it will typically use a port in the range 30000-32767.</p> <div class=highlight><pre><span></span><code><span class=go>kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.1/deploy/static/provider/baremetal/deploy.yaml</span>
</code></pre></div> <p>For more information about bare metal deployments (and how to use port 80 instead of a random port in the 30000-32767 range), see <a href=baremetal/ >bare-metal considerations</a>.</p> <h2 id=miscellaneous>Miscellaneous<a class=headerlink href=#miscellaneous title="Permanent link"></a></h2> <h3 id=checking-ingress-controller-version>Checking ingress controller version<a class=headerlink href=#checking-ingress-controller-version title="Permanent link"></a></h3> <p>Run <code>/nginx-ingress-controller --version</code> within the pod, for instance with <code>kubectl exec</code>:</p> <div class=highlight><pre><span></span><code><span class=go>POD_NAMESPACE=ingress-nginx</span>
<span class=go>POD_NAME=$(kubectl get pods -n $POD_NAMESPACE -l app.kubernetes.io/name=ingress-nginx --field-selector=status.phase=Running -o name)</span>
<span class=go>kubectl exec $POD_NAME -n $POD_NAMESPACE -- /nginx-ingress-controller --version</span>
</code></pre></div> <h3 id=scope>Scope<a class=headerlink href=#scope title="Permanent link"></a></h3> <p>By default, the controller watches Ingress objects from all namespaces. If you want to change this behavior, use the flag <code>--watch-namespace</code> or check the Helm chart value <code>controller.scope</code> to limit the controller to a single namespace.</p> <p>See also <a href=https://kubernetes.github.io/ingress-nginx/#how-to-easily-install-multiple-instances-of-the-ingress-nginx-controller-in-the-same-cluster>“How to easily install multiple instances of the Ingress NGINX controller in the same cluster”</a> for more details.</p> <h3 id=webhook-network-access>Webhook network access<a class=headerlink href=#webhook-network-access title="Permanent link"></a></h3> <div class="admonition warning"> <p class=admonition-title>Warning</p> <p>The controller uses an <a href=https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/ >admission webhook</a> to validate Ingress definitions. Make sure that you don't have <a href=https://kubernetes.io/docs/concepts/services-networking/network-policies/ >Network policies</a> or additional firewalls preventing connections from the API server to the <code>ingress-nginx-controller-admission</code> service.</p> </div> <h3 id=certificate-generation>Certificate generation<a class=headerlink href=#certificate-generation title="Permanent link"></a></h3> <div class="admonition attention"> <p class=admonition-title>Attention</p> <p>The first time the ingress controller starts, two <a href=https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ >Jobs</a> create the SSL Certificate used by the admission webhook.</p> </div> <p>This can cause an initial delay of up to two minutes until it is possible to create and validate Ingress definitions.</p> <p>You can wait until it is ready to run the next command:</p> <div class=highlight><pre><span></span><code> <span class="l l-Scalar l-Scalar-Plain">kubectl wait --namespace ingress-nginx \</span>
<span class="l l-Scalar l-Scalar-Plain">--for=condition=ready pod \</span>
<span class="l l-Scalar l-Scalar-Plain">--selector=app.kubernetes.io/component=controller \</span>
<span class="l l-Scalar l-Scalar-Plain">--timeout=120s</span>
</code></pre></div> <h3 id=running-on-kubernetes-versions-older-than-119>Running on Kubernetes versions older than 1.19<a class=headerlink href=#running-on-kubernetes-versions-older-than-119 title="Permanent link"></a></h3> <p>Ingress resources evolved over time. They started with <code>apiVersion: extensions/v1beta1</code>, then moved to <code>apiVersion: networking.k8s.io/v1beta1</code> and more recently to <code>apiVersion: networking.k8s.io/v1</code>.</p> <p>Here is how these Ingress versions are supported in Kubernetes: - before Kubernetes 1.19, only <code>v1beta1</code> Ingress resources are supported - from Kubernetes 1.19 to 1.21, both <code>v1beta1</code> and <code>v1</code> Ingress resources are supported - in Kubernetes 1.22 and above, only <code>v1</code> Ingress resources are supported</p> <p>And here is how these Ingress versions are supported in NGINX Ingress Controller: - before version 1.0, only <code>v1beta1</code> Ingress resources are supported - in version 1.0 and above, only <code>v1</code> Ingress resources are</p> <p>As a result, if you're running Kubernetes 1.19 or later, you should be able to use the latest version of the NGINX Ingress Controller; but if you're using an old version of Kubernetes (1.18 or earlier) you will have to use version 0.X of the NGINX Ingress Controller (e.g. version 0.49).</p> <p>The Helm chart of the NGINX Ingress Controller switched to version 1 in version 4 of the chart. In other words, if you're running Kubernetes 1.19 or earlier, you should use version 3.X of the chart (this can be done by adding <code>--version='&lt;4'</code> to the <code>helm install</code> command).</p> </article> </div> </div> </main> <footer class=md-footer> <div class=md-footer-nav> <nav class="md-footer-nav__inner md-grid" aria-label=Footer> <a href=../kubectl-plugin/ class="md-footer-nav__link md-footer-nav__link--prev" rel=prev> <div class="md-footer-nav__button md-icon"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg> </div> <div class=md-footer-nav__title> <div class=md-ellipsis> <span class=md-footer-nav__direction> Previous </span> kubectl plugin </div> </div> </a> <a href=baremetal/ class="md-footer-nav__link md-footer-nav__link--next" rel=next> <div class=md-footer-nav__title> <div class=md-ellipsis> <span class=md-footer-nav__direction> Next </span> Bare-metal considerations </div> </div> <div class="md-footer-nav__button md-icon"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4z"/></svg> </div> </a> </nav> </div> <div class="md-footer-meta md-typeset"> <div class="md-footer-meta__inner md-grid"> <div class=md-footer-copyright> Made with <a href=https://squidfunk.github.io/mkdocs-material/ target=_blank rel=noopener> Material for MkDocs </a> </div> </div> </div> </footer> </div> <script src=../assets/javascripts/vendor.93c04032.min.js></script> <script src=../assets/javascripts/bundle.83e5331e.min.js></script><script id=__lang type=application/json>{"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing"}</script> <script>
app = initialize({
base: "..",
features: ['navigation.tabs', 'navigation.tabs.sticky', 'navigation.instant', 'navigation.sections'],
search: Object.assign({
worker: "../assets/javascripts/worker/search.8c7e0a7e.min.js"
}, typeof search !== "undefined" && search)
})
</script> </body> </html>
Reference in New Issue View Git Blame Copy Permalink