kubernetes
/
ingress-nginx
mirror of https://github.com/kubernetes/ingress-nginx.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ingress-nginx/deploy/index.html

1671 lines
46 KiB
HTML
Raw Blame History

<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="canonical" href="https://kubernetes.github.io/ingress-nginx/deploy/">
<link rel="shortcut icon" href="../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.1.2, mkdocs-material-5.5.12">
<title>Installation Guide - NGINX Ingress Controller</title>
<link rel="stylesheet" href="../assets/stylesheets/main.4dd2dd8d.min.css">
<link rel="stylesheet" href="../assets/stylesheets/palette.6a5ad368.min.css">
<meta name="theme-color" content="#009485">
<link href="https://fonts.gstatic.com" rel="preconnect" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700%7CRoboto+Mono&display=fallback">
<style>body,input{font-family:"Roboto",-apple-system,BlinkMacSystemFont,Helvetica,Arial,sans-serif}code,kbd,pre{font-family:"Roboto Mono",SFMono-Regular,Consolas,Menlo,monospace}</style>
<link rel="stylesheet" href="../extra.css">
<script>window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)},ga.l=+new Date,ga("create","UA-118407822-1","kubernetes.github.io"),ga("set","anonymizeIp",!0),ga("send","pageview"),document.addEventListener("DOMContentLoaded",function(){document.forms.search&&document.forms.search.query.addEventListener("blur",function(){if(this.value){var e=document.location.pathname;ga("send","pageview",e+"?q="+this.value)}})}),document.addEventListener("DOMContentSwitch",function(){ga("send","pageview",document.location.pathname)})</script>
<script async src="https://www.google-analytics.com/analytics.js"></script>
</head>
<body dir="ltr" data-md-color-scheme="" data-md-color-primary="teal" data-md-color-accent="green">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#installation-guide" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<header class="md-header" data-md-component="header">
<nav class="md-header-nav md-grid" aria-label="Header">
<a href="https://kubernetes.github.io/ingress-nginx" title="NGINX Ingress Controller" class="md-header-nav__button md-logo" aria-label="NGINX Ingress Controller">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 003-3 3 3 0 00-3-3 3 3 0 00-3 3 3 3 0 003 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg>
</a>
<label class="md-header-nav__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2z"/></svg>
</label>
<div class="md-header-nav__title" data-md-component="header-title">
<div class="md-header-nav__ellipsis">
<span class="md-header-nav__topic md-ellipsis">
NGINX Ingress Controller
</span>
<span class="md-header-nav__topic md-ellipsis">
Installation Guide
</span>
</div>
</div>
<label class="md-header-nav__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" data-md-state="active">
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
</label>
<button type="reset" class="md-search__icon md-icon" aria-label="Clear" data-md-component="search-reset" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41L17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg>
</button>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header-nav__source">
<a href="https://github.com/kubernetes/ingress-nginx/" title="Go to repository" class="md-source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M439.55 236.05L244 40.45a28.87 28.87 0 00-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 01-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 000 40.81l195.61 195.6a28.86 28.86 0 0040.8 0l194.69-194.69a28.86 28.86 0 000-40.81z"/></svg>
</div>
<div class="md-source__repository">
kubernetes/ingress-nginx
</div>
</a>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<nav class="md-tabs md-tabs--active" aria-label="Tabs" data-md-component="tabs">
<div class="md-tabs__inner md-grid">
<ul class="md-tabs__list">
<li class="md-tabs__item">
<a href=".." class="md-tabs__link">
Welcome
</a>
</li>
<li class="md-tabs__item">
<a href="./" class="md-tabs__link md-tabs__link--active">
Deployment
</a>
</li>
<li class="md-tabs__item">
<a href="../user-guide/nginx-configuration/" class="md-tabs__link">
User guide
</a>
</li>
<li class="md-tabs__item">
<a href="../examples/" class="md-tabs__link">
Examples
</a>
</li>
</ul>
</div>
</nav>
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="navigation">
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="https://kubernetes.github.io/ingress-nginx" title="NGINX Ingress Controller" class="md-nav__button md-logo" aria-label="NGINX Ingress Controller">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 003-3 3 3 0 00-3-3 3 3 0 00-3 3 3 3 0 003 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg>
</a>
NGINX Ingress Controller
</label>
<div class="md-nav__source">
<a href="https://github.com/kubernetes/ingress-nginx/" title="Go to repository" class="md-source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M439.55 236.05L244 40.45a28.87 28.87 0 00-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 01-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 000 40.81l195.61 195.6a28.86 28.86 0 0040.8 0l194.69-194.69a28.86 28.86 0 000-40.81z"/></svg>
</div>
<div class="md-source__repository">
kubernetes/ingress-nginx
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-1" type="checkbox" id="nav-1">
<label class="md-nav__link" for="nav-1">
Welcome
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Welcome" data-md-level="1">
<label class="md-nav__title" for="nav-1">
<span class="md-nav__icon md-icon"></span>
Welcome
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href=".." title="Welcome" class="md-nav__link">
Welcome
</a>
</li>
<li class="md-nav__item">
<a href="../how-it-works/" title="How it works" class="md-nav__link">
How it works
</a>
</li>
<li class="md-nav__item">
<a href="../troubleshooting/" title="Troubleshooting" class="md-nav__link">
Troubleshooting
</a>
</li>
<li class="md-nav__item">
<a href="../kubectl-plugin/" title="kubectl plugin" class="md-nav__link">
kubectl plugin
</a>
</li>
<li class="md-nav__item">
<a href="../development/" title="Development" class="md-nav__link">
Development
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-2" type="checkbox" id="nav-2" checked>
<label class="md-nav__link" for="nav-2">
Deployment
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Deployment" data-md-level="1">
<label class="md-nav__title" for="nav-2">
<span class="md-nav__icon md-icon"></span>
Deployment
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
Installation Guide
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" title="Installation Guide" class="md-nav__link md-nav__link--active">
Installation Guide
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="#contents" class="md-nav__link">
Contents
</a>
<nav class="md-nav" aria-label="Contents">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#provider-specific-steps" class="md-nav__link">
Provider Specific Steps
</a>
<nav class="md-nav" aria-label="Provider Specific Steps">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#docker-for-mac" class="md-nav__link">
Docker for Mac
</a>
</li>
<li class="md-nav__item">
<a href="#minikube" class="md-nav__link">
minikube
</a>
</li>
<li class="md-nav__item">
<a href="#aws" class="md-nav__link">
AWS
</a>
<nav class="md-nav" aria-label="AWS">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#network-load-balancer-nlb" class="md-nav__link">
Network Load Balancer (NLB)
</a>
</li>
<li class="md-nav__item">
<a href="#tls-termination-in-aws-load-balancer-elb" class="md-nav__link">
TLS termination in AWS Load Balancer (ELB)
</a>
</li>
<li class="md-nav__item">
<a href="#nlb-idle-timeouts" class="md-nav__link">
NLB Idle Timeouts
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#gce-gke" class="md-nav__link">
GCE-GKE
</a>
</li>
<li class="md-nav__item">
<a href="#azure" class="md-nav__link">
Azure
</a>
</li>
<li class="md-nav__item">
<a href="#digital-ocean" class="md-nav__link">
Digital Ocean
</a>
</li>
<li class="md-nav__item">
<a href="#scaleway" class="md-nav__link">
Scaleway
</a>
</li>
<li class="md-nav__item">
<a href="#bare-metal" class="md-nav__link">
Bare-metal
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#verify-installation" class="md-nav__link">
Verify installation
</a>
</li>
<li class="md-nav__item">
<a href="#detect-installed-version" class="md-nav__link">
Detect installed version
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#using-helm" class="md-nav__link">
Using Helm
</a>
</li>
<li class="md-nav__item">
<a href="#detect-installed-version_1" class="md-nav__link">
Detect installed version:
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="baremetal/" title="Bare-metal considerations" class="md-nav__link">
Bare-metal considerations
</a>
</li>
<li class="md-nav__item">
<a href="rbac/" title="Role Based Access Control (RBAC)" class="md-nav__link">
Role Based Access Control (RBAC)
</a>
</li>
<li class="md-nav__item">
<a href="upgrade/" title="Upgrade" class="md-nav__link">
Upgrade
</a>
</li>
<li class="md-nav__item">
<a href="hardening-guide/" title="Hardening guide" class="md-nav__link">
Hardening guide
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-3" type="checkbox" id="nav-3">
<label class="md-nav__link" for="nav-3">
User guide
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="User guide" data-md-level="1">
<label class="md-nav__title" for="nav-3">
<span class="md-nav__icon md-icon"></span>
User guide
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-3-1" type="checkbox" id="nav-3-1">
<label class="md-nav__link" for="nav-3-1">
NGINX Configuration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="NGINX Configuration" data-md-level="2">
<label class="md-nav__title" for="nav-3-1">
<span class="md-nav__icon md-icon"></span>
NGINX Configuration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../user-guide/nginx-configuration/" title="Introduction" class="md-nav__link">
Introduction
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/basic-usage/" title="Basic usage" class="md-nav__link">
Basic usage
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/nginx-configuration/annotations/" title="Annotations" class="md-nav__link">
Annotations
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/nginx-configuration/configmap/" title="ConfigMap" class="md-nav__link">
ConfigMap
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/nginx-configuration/custom-template/" title="Custom NGINX template" class="md-nav__link">
Custom NGINX template
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/nginx-configuration/log-format/" title="Log format" class="md-nav__link">
Log format
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../user-guide/cli-arguments/" title="Command line arguments" class="md-nav__link">
Command line arguments
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/custom-errors/" title="Custom errors" class="md-nav__link">
Custom errors
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/default-backend/" title="Default backend" class="md-nav__link">
Default backend
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/exposing-tcp-udp-services/" title="Exposing TCP and UDP services" class="md-nav__link">
Exposing TCP and UDP services
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/fcgi-services/" title="Exposing FCGI services" class="md-nav__link">
Exposing FCGI services
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/ingress-path-matching/" title="Regular expressions in paths" class="md-nav__link">
Regular expressions in paths
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/external-articles/" title="External Articles" class="md-nav__link">
External Articles
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/miscellaneous/" title="Miscellaneous" class="md-nav__link">
Miscellaneous
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/monitoring/" title="Prometheus and Grafana installation" class="md-nav__link">
Prometheus and Grafana installation
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/multiple-ingress/" title="Multiple Ingress controllers" class="md-nav__link">
Multiple Ingress controllers
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/tls/" title="TLS/HTTPS" class="md-nav__link">
TLS/HTTPS
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-3-13" type="checkbox" id="nav-3-13">
<label class="md-nav__link" for="nav-3-13">
Third party addons
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Third party addons" data-md-level="2">
<label class="md-nav__title" for="nav-3-13">
<span class="md-nav__icon md-icon"></span>
Third party addons
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../user-guide/third-party-addons/modsecurity/" title="ModSecurity Web Application Firewall" class="md-nav__link">
ModSecurity Web Application Firewall
</a>
</li>
<li class="md-nav__item">
<a href="../user-guide/third-party-addons/opentracing/" title="OpenTracing" class="md-nav__link">
OpenTracing
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-4" type="checkbox" id="nav-4">
<label class="md-nav__link" for="nav-4">
Examples
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Examples" data-md-level="1">
<label class="md-nav__title" for="nav-4">
<span class="md-nav__icon md-icon"></span>
Examples
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../examples/" title="Introduction" class="md-nav__link">
Introduction
</a>
</li>
<li class="md-nav__item">
<a href="../examples/PREREQUISITES/" title="Prerequisites" class="md-nav__link">
Prerequisites
</a>
</li>
<li class="md-nav__item">
<a href="../examples/affinity/cookie/" title="Sticky Sessions" class="md-nav__link">
Sticky Sessions
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-4-4" type="checkbox" id="nav-4-4">
<label class="md-nav__link" for="nav-4-4">
Auth
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Auth" data-md-level="2">
<label class="md-nav__title" for="nav-4-4">
<span class="md-nav__icon md-icon"></span>
Auth
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../examples/auth/basic/" title="Basic Authentication" class="md-nav__link">
Basic Authentication
</a>
</li>
<li class="md-nav__item">
<a href="../examples/auth/client-certs/" title="Client Certificate Authentication" class="md-nav__link">
Client Certificate Authentication
</a>
</li>
<li class="md-nav__item">
<a href="../examples/auth/external-auth/" title="External Basic Authentication" class="md-nav__link">
External Basic Authentication
</a>
</li>
<li class="md-nav__item">
<a href="../examples/auth/oauth-external-auth/" title="External OAUTH Authentication" class="md-nav__link">
External OAUTH Authentication
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-4-5" type="checkbox" id="nav-4-5">
<label class="md-nav__link" for="nav-4-5">
Customization
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Customization" data-md-level="2">
<label class="md-nav__title" for="nav-4-5">
<span class="md-nav__icon md-icon"></span>
Customization
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../examples/customization/configuration-snippets/" title="Configuration Snippets" class="md-nav__link">
Configuration Snippets
</a>
</li>
<li class="md-nav__item">
<a href="../examples/customization/custom-configuration/" title="Custom Configuration" class="md-nav__link">
Custom Configuration
</a>
</li>
<li class="md-nav__item">
<a href="../examples/customization/custom-errors/" title="Custom Errors" class="md-nav__link">
Custom Errors
</a>
</li>
<li class="md-nav__item">
<a href="../examples/customization/custom-headers/" title="Custom Headers" class="md-nav__link">
Custom Headers
</a>
</li>
<li class="md-nav__item">
<a href="../examples/customization/external-auth-headers/" title="External authentication" class="md-nav__link">
External authentication
</a>
</li>
<li class="md-nav__item">
<a href="../examples/customization/ssl-dh-param/" title="Custom DH parameters for perfect forward secrecy" class="md-nav__link">
Custom DH parameters for perfect forward secrecy
</a>
</li>
<li class="md-nav__item">
<a href="../examples/customization/sysctl/" title="Sysctl tuning" class="md-nav__link">
Sysctl tuning
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../examples/docker-registry/" title="Docker registry" class="md-nav__link">
Docker registry
</a>
</li>
<li class="md-nav__item">
<a href="../examples/grpc/" title="gRPC" class="md-nav__link">
gRPC
</a>
</li>
<li class="md-nav__item">
<a href="../examples/multi-tls/" title="Multi TLS certificate termination" class="md-nav__link">
Multi TLS certificate termination
</a>
</li>
<li class="md-nav__item">
<a href="../examples/rewrite/" title="Rewrite" class="md-nav__link">
Rewrite
</a>
</li>
<li class="md-nav__item">
<a href="../examples/static-ip/" title="Static IPs" class="md-nav__link">
Static IPs
</a>
</li>
<li class="md-nav__item">
<a href="../examples/tls-termination/" title="TLS termination" class="md-nav__link">
TLS termination
</a>
</li>
<li class="md-nav__item">
<a href="../examples/psp/" title="Pod Security Policy (PSP)" class="md-nav__link">
Pod Security Policy (PSP)
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="toc">
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="#contents" class="md-nav__link">
Contents
</a>
<nav class="md-nav" aria-label="Contents">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#provider-specific-steps" class="md-nav__link">
Provider Specific Steps
</a>
<nav class="md-nav" aria-label="Provider Specific Steps">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#docker-for-mac" class="md-nav__link">
Docker for Mac
</a>
</li>
<li class="md-nav__item">
<a href="#minikube" class="md-nav__link">
minikube
</a>
</li>
<li class="md-nav__item">
<a href="#aws" class="md-nav__link">
AWS
</a>
<nav class="md-nav" aria-label="AWS">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#network-load-balancer-nlb" class="md-nav__link">
Network Load Balancer (NLB)
</a>
</li>
<li class="md-nav__item">
<a href="#tls-termination-in-aws-load-balancer-elb" class="md-nav__link">
TLS termination in AWS Load Balancer (ELB)
</a>
</li>
<li class="md-nav__item">
<a href="#nlb-idle-timeouts" class="md-nav__link">
NLB Idle Timeouts
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#gce-gke" class="md-nav__link">
GCE-GKE
</a>
</li>
<li class="md-nav__item">
<a href="#azure" class="md-nav__link">
Azure
</a>
</li>
<li class="md-nav__item">
<a href="#digital-ocean" class="md-nav__link">
Digital Ocean
</a>
</li>
<li class="md-nav__item">
<a href="#scaleway" class="md-nav__link">
Scaleway
</a>
</li>
<li class="md-nav__item">
<a href="#bare-metal" class="md-nav__link">
Bare-metal
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#verify-installation" class="md-nav__link">
Verify installation
</a>
</li>
<li class="md-nav__item">
<a href="#detect-installed-version" class="md-nav__link">
Detect installed version
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#using-helm" class="md-nav__link">
Using Helm
</a>
</li>
<li class="md-nav__item">
<a href="#detect-installed-version_1" class="md-nav__link">
Detect installed version:
</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content">
<article class="md-content__inner md-typeset">
<a href="https://github.com/kubernetes/ingress-nginx/edit/master/docs/deploy/index.md" title="Edit this page" class="md-content__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20.71 7.04c.39-.39.39-1.04 0-1.41l-2.34-2.34c-.37-.39-1.02-.39-1.41 0l-1.84 1.83 3.75 3.75M3 17.25V21h3.75L17.81 9.93l-3.75-3.75L3 17.25z"/></svg>
</a>
<h1 id="installation-guide">Installation Guide<a class="headerlink" href="#installation-guide" title="Permanent link"></a></h1>
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<p>The default configuration watches Ingress object from <strong>all the namespaces</strong>.</p>
<p>To change this behavior use the flag <code>--watch-namespace</code> to limit the scope to a particular namespace.</p>
</div>
<div class="admonition warning">
<p class="admonition-title">Warning</p>
<p>If multiple Ingresses define paths for the same host, the ingress controller <strong>merges the definitions</strong>.</p>
</div>
<div class="admonition danger">
<p class="admonition-title">Danger</p>
<p>The <a href="https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/">admission webhook</a> requires connectivity between Kubernetes API server and the ingress controller.</p>
<p>In case <a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/">Network policies</a> or additional firewalls, please allow access to port <code>8443</code>.</p>
</div>
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<p>The first time the ingress controller starts, two <a href="https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/">Jobs</a> create the SSL Certificate used by the admission webhook.
For this reason, there is an initial delay of up to two minutes until it is possible to create and validate Ingress definitions.</p>
<p>You can wait until it is ready to run the next command:</p>
<div class="highlight"><pre><span></span><code><span class="l l-Scalar l-Scalar-Plain">kubectl wait --namespace ingress-nginx \</span>
<span class="l l-Scalar l-Scalar-Plain">--for=condition=ready pod \</span>
<span class="l l-Scalar l-Scalar-Plain">--selector=app.kubernetes.io/component=controller \</span>
<span class="l l-Scalar l-Scalar-Plain">--timeout=120s</span>
</code></pre></div>
</div>
<h2 id="contents">Contents<a class="headerlink" href="#contents" title="Permanent link"></a></h2>
<ul>
<li><a href="#provider-specific-steps">Provider Specific Steps</a></li>
<li><a href="#docker-for-mac">Docker for Mac</a></li>
<li><a href="#minikube">minikube</a></li>
<li><a href="#aws">AWS</a></li>
<li><a href="#gce-gke">GCE - GKE</a></li>
<li><a href="#azure">Azure</a></li>
<li><a href="#digital-ocean">Digital Ocean</a></li>
<li><a href="#scaleway">Scaleway</a></li>
<li><a href="#bare-metal">Bare-metal</a></li>
<li><a href="#verify-installation">Verify installation</a></li>
<li><a href="#detect-installed-version">Detect installed version</a></li>
<li><a href="#using-helm">Using Helm</a></li>
</ul>
<h3 id="provider-specific-steps">Provider Specific Steps<a class="headerlink" href="#provider-specific-steps" title="Permanent link"></a></h3>
<h4 id="docker-for-mac">Docker for Mac<a class="headerlink" href="#docker-for-mac" title="Permanent link"></a></h4>
<p>Kubernetes is available in Docker for Mac (from <a href="https://docs.docker.com/docker-for-mac/release-notes/#stable-releases-of-2018">version 18.06.0-ce</a>)</p>
<div class="highlight"><pre><span></span><code><span class="go">kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/cloud/deploy.yaml</span>
</code></pre></div>
<h4 id="minikube">minikube<a class="headerlink" href="#minikube" title="Permanent link"></a></h4>
<p>For standard usage:</p>
<div class="highlight"><pre><span></span><code><span class="go">minikube addons enable ingress</span>
</code></pre></div>
<h4 id="aws">AWS<a class="headerlink" href="#aws" title="Permanent link"></a></h4>
<p>In AWS we use a Network load balancer (NLB) to expose the NGINX Ingress controller behind a Service of <code>Type=LoadBalancer</code>.</p>
<h5 id="network-load-balancer-nlb">Network Load Balancer (NLB)<a class="headerlink" href="#network-load-balancer-nlb" title="Permanent link"></a></h5>
<div class="highlight"><pre><span></span><code><span class="go">kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/aws/deploy.yaml</span>
</code></pre></div>
<h5 id="tls-termination-in-aws-load-balancer-elb">TLS termination in AWS Load Balancer (ELB)<a class="headerlink" href="#tls-termination-in-aws-load-balancer-elb" title="Permanent link"></a></h5>
<p>In some scenarios is required to terminate TLS in the Load Balancer and not in the ingress controller.</p>
<p>For this purpose we provide a template:</p>
<ul>
<li>Download <a href="https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/aws/deploy-tls-termination.yaml">deploy-tls-termination.yaml</a></li>
</ul>
<div class="highlight"><pre><span></span><code><span class="go">wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/aws/deploy-tls-termination.yaml</span>
</code></pre></div>
<ul>
<li>
<p>Edit the file and change:</p>
</li>
<li>
<p>VPC CIDR in use for the Kubernetes cluster:</p>
</li>
</ul>
<p><code>proxy-real-ip-cidr: XXX.XXX.XXX/XX</code></p>
<ul>
<li>AWS Certificate Manager (ACM) ID</li>
</ul>
<p><code>arn:aws:acm:us-west-2:XXXXXXXX:certificate/XXXXXX-XXXXXXX-XXXXXXX-XXXXXXXX</code></p>
<ul>
<li>Deploy the manifest:</li>
</ul>
<div class="highlight"><pre><span></span><code><span class="go">kubectl apply -f deploy-tls-termination.yaml</span>
</code></pre></div>
<h5 id="nlb-idle-timeouts">NLB Idle Timeouts<a class="headerlink" href="#nlb-idle-timeouts" title="Permanent link"></a></h5>
<p>Idle timeout value for TCP flows is 350 seconds and <a href="https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#connection-idle-timeout">cannot be modified</a>.</p>
<p>For this reason, you need to ensure the <a href="http://nginx.org/en/docs/http/ngx_http_core_module.html#keepalive_timeout">keepalive_timeout</a> value is configured less than 350 seconds to work as expected.</p>
<p>By default NGINX <code>keepalive_timeout</code> is set to <code>75s</code>.</p>
<p>More information with regards to timeouts can be found in the <a href="https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#connection-idle-timeout">official AWS documentation</a></p>
<h4 id="gce-gke">GCE-GKE<a class="headerlink" href="#gce-gke" title="Permanent link"></a></h4>
<div class="admonition info">
<p class="admonition-title">Info</p>
<p>Initialize your user as a cluster-admin with the following command:
<div class="highlight"><pre><span></span><code><span class="go">kubectl create clusterrolebinding cluster-admin-binding \</span>
<span class="go"> --clusterrole cluster-admin \</span>
<span class="go"> --user $(gcloud config get-value account)</span>
</code></pre></div></p>
</div>
<div class="admonition danger">
<p class="admonition-title">Danger</p>
<p>For private clusters, you will need to either add an additional firewall rule that allows master nodes access to port <code>8443/tcp</code> on worker nodes, or change the existing rule that allows access to ports <code>80/tcp</code>, <code>443/tcp</code> and <code>10254/tcp</code> to also allow access to port <code>8443/tcp</code>.</p>
<p>See the <a href="https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#add_firewall_rules">GKE documentation</a> on adding rules and the <a href="https://github.com/kubernetes/kubernetes/issues/79739">Kubernetes issue</a> for more detail.</p>
</div>
<div class="highlight"><pre><span></span><code><span class="go">kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/cloud/deploy.yaml</span>
</code></pre></div>
<div class="admonition failure important">
<p class="admonition-title">Failure</p>
<p>Proxy protocol is not supported in GCE/GKE</p>
</div>
<h4 id="azure">Azure<a class="headerlink" href="#azure" title="Permanent link"></a></h4>
<div class="highlight"><pre><span></span><code><span class="go">kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/cloud/deploy.yaml</span>
</code></pre></div>
<h4 id="digital-ocean">Digital Ocean<a class="headerlink" href="#digital-ocean" title="Permanent link"></a></h4>
<div class="highlight"><pre><span></span><code><span class="go">kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/do/deploy.yaml</span>
</code></pre></div>
<h4 id="scaleway">Scaleway<a class="headerlink" href="#scaleway" title="Permanent link"></a></h4>
<div class="highlight"><pre><span></span><code><span class="go">kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/scw/deploy.yaml</span>
</code></pre></div>
<h4 id="bare-metal">Bare-metal<a class="headerlink" href="#bare-metal" title="Permanent link"></a></h4>
<p>Using <a href="https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport">NodePort</a>:</p>
<div class="highlight"><pre><span></span><code><span class="go">kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/baremetal/deploy.yaml</span>
</code></pre></div>
<div class="admonition tip">
<p class="admonition-title">Tip</p>
<p>For extended notes regarding deployments on bare-metal, see <a href="baremetal/">Bare-metal considerations</a>.</p>
</div>
<h3 id="verify-installation">Verify installation<a class="headerlink" href="#verify-installation" title="Permanent link"></a></h3>
<div class="admonition info">
<p class="admonition-title">Info</p>
<p>In minikube the ingress addon is installed in the namespace <strong>kube-system</strong> instead of ingress-nginx</p>
</div>
<p>To check if the ingress controller pods have started, run the following command:</p>
<div class="highlight"><pre><span></span><code><span class="go">kubectl get pods -n ingress-nginx \</span>
<span class="go"> -l app.kubernetes.io/name=ingress-nginx --watch</span>
</code></pre></div>
<p>Once the ingress controller pods are running, you can cancel the command typing <code>Ctrl+C</code>.</p>
<p>Now, you are ready to create your first ingress.</p>
<h3 id="detect-installed-version">Detect installed version<a class="headerlink" href="#detect-installed-version" title="Permanent link"></a></h3>
<p>To detect which version of the ingress controller is running, exec into the pod and run <code>nginx-ingress-controller version</code> command.</p>
<div class="highlight"><pre><span></span><code><span class="go">POD_NAMESPACE=ingress-nginx</span>
<span class="go">POD_NAME=$(kubectl get pods -n $POD_NAMESPACE -l app.kubernetes.io/name=ingress-nginx --field-selector=status.phase=Running -o jsonpath=&#39;{.items[0].metadata.name}&#39;)</span>
<span class="go">kubectl exec -it $POD_NAME -n $POD_NAMESPACE -- /nginx-ingress-controller --version</span>
</code></pre></div>
<h2 id="using-helm">Using Helm<a class="headerlink" href="#using-helm" title="Permanent link"></a></h2>
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<p>Only helm3 is supported</p>
</div>
<p>NGINX Ingress controller can be installed via <a href="https://helm.sh/">Helm</a> using the chart from the project repository.
To install the chart with the release name <code>ingress-nginx</code>:</p>
<div class="highlight"><pre><span></span><code><span class="go">helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx</span>
<span class="go">helm repo update</span>
<span class="go">helm install my-release ingress-nginx/ingress-nginx</span>
</code></pre></div>
<h2 id="detect-installed-version_1">Detect installed version:<a class="headerlink" href="#detect-installed-version_1" title="Permanent link"></a></h2>
<div class="highlight"><pre><span></span><code><span class="go">POD_NAME=$(kubectl get pods -l app.kubernetes.io/name=ingress-nginx -o jsonpath=&#39;{.items[0].metadata.name}&#39;)</span>
<span class="go">kubectl exec -it $POD_NAME -- /nginx-ingress-controller --version</span>
</code></pre></div>
</article>
</div>
</div>
</main>
<footer class="md-footer">
<div class="md-footer-nav">
<nav class="md-footer-nav__inner md-grid" aria-label="Footer">
<a href="../development/" title="Development" class="md-footer-nav__link md-footer-nav__link--prev" rel="prev">
<div class="md-footer-nav__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
</div>
<div class="md-footer-nav__title">
<div class="md-ellipsis">
<span class="md-footer-nav__direction">
Previous
</span>
Development
</div>
</div>
</a>
<a href="baremetal/" title="Bare-metal considerations" class="md-footer-nav__link md-footer-nav__link--next" rel="next">
<div class="md-footer-nav__title">
<div class="md-ellipsis">
<span class="md-footer-nav__direction">
Next
</span>
Bare-metal considerations
</div>
</div>
<div class="md-footer-nav__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4z"/></svg>
</div>
</a>
</nav>
</div>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-footer-copyright">
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<script src="../assets/javascripts/vendor.3636a4ec.min.js"></script>
<script src="../assets/javascripts/bundle.e9fe3281.min.js"></script><script id="__lang" type="application/json">{"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents"}</script>
<script>
app = initialize({
base: "..",
features: ["tabs", "instant"],
search: Object.assign({
worker: "../assets/javascripts/worker/search.5eca75d3.min.js"
}, typeof search !== "undefined" && search)
})
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink