2018-04-24 09:36:16 +00:00
# Installation Guide
## Contents
2018-10-29 13:07:54 +00:00
- [Prerequisite Generic Deployment Command ](#prerequisite-generic-deployment-command )
2018-07-05 10:11:21 +00:00
- [Provider Specific Steps ](#provider-specific-steps )
- [Docker for Mac ](#docker-for-mac )
- [minikube ](#minikube )
- [AWS ](#aws )
2018-08-20 18:04:56 +00:00
- [GCE - GKE ](#gce-gke )
2018-07-05 10:11:21 +00:00
- [Azure ](#azure )
2018-09-04 19:32:47 +00:00
- [Bare-metal ](#bare-metal )
2018-07-05 10:11:21 +00:00
- [Verify installation ](#verify-installation )
- [Detect installed version ](#detect-installed-version )
2018-04-24 09:36:16 +00:00
- [Using Helm ](#using-helm )
2018-10-15 21:03:56 +00:00
## Prerequisite Generic Deployment Command
2018-04-24 09:36:16 +00:00
2019-04-30 16:45:58 +00:00
!!! attention
2019-06-05 14:59:38 +00:00
The default configuration watches Ingress object from *all the namespaces* .
2018-09-13 13:24:18 +00:00
To change this behavior use the flag `--watch-namespace` to limit the scope to a particular namespace.
!!! warning
If multiple Ingresses define different paths for the same host, the ingress controller will merge the definitions.
2019-06-05 14:59:38 +00:00
!!! attention
If you're using GKE you need to initialize your user as a cluster-admin with the following command:
```console
kubectl create clusterrolebinding cluster-admin-binding \
--clusterrole cluster-admin \
--user $(gcloud config get-value account)
```
2018-07-05 10:11:21 +00:00
### Provider Specific Steps
2018-04-24 09:36:16 +00:00
2019-06-05 14:59:38 +00:00
There are cloud provider specific yaml files.
2018-04-24 09:36:16 +00:00
2018-07-05 10:11:21 +00:00
#### Docker for Mac
2018-04-24 09:36:16 +00:00
2018-07-28 13:27:14 +00:00
Kubernetes is available in Docker for Mac (from [version 18.06.0-ce ](https://docs.docker.com/docker-for-mac/release-notes/#stable-releases-of-2018 ))
2018-04-24 09:36:16 +00:00
[enable]: https://docs.docker.com/docker-for-mac/#kubernetes
2019-06-05 14:59:38 +00:00
Create a service
```console
2020-03-30 22:45:58 +00:00
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/cloud/deploy.yaml
2019-06-05 14:59:38 +00:00
```
2018-04-24 09:36:16 +00:00
2018-07-05 10:11:21 +00:00
#### minikube
2018-04-24 09:36:16 +00:00
For standard usage:
```console
minikube addons enable ingress
```
For development:
1. Disable the ingress addon:
```console
2019-06-05 14:59:38 +00:00
minikube addons disable ingress
2018-04-24 09:36:16 +00:00
```
2018-05-17 21:50:21 +00:00
2. Execute `make dev-env`
3. Confirm the `nginx-ingress-controller` deployment exists:
2018-04-24 09:36:16 +00:00
```console
2019-06-05 14:59:38 +00:00
$ kubectl get pods -n ingress-nginx
2018-04-24 09:36:16 +00:00
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-fdcdcd6dd-vvpgs 1/1 Running 0 11s
```
2018-07-05 10:11:21 +00:00
#### AWS
2018-04-24 09:36:16 +00:00
2020-03-30 22:45:58 +00:00
In AWS we use a Network load balancer (NLB) to expose the NGINX Ingress controller behind a Service of `Type=LoadBalancer` .
2018-04-24 09:36:16 +00:00
2020-03-30 22:45:58 +00:00
##### Network Load Balancer (NLB)
2018-04-24 09:36:16 +00:00
2020-03-30 22:45:58 +00:00
```console
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/aws/deploy.yaml
```
2018-04-24 09:36:16 +00:00
2020-03-30 22:45:58 +00:00
##### TLS termination in the Load Balancer (ELB)
2018-04-24 09:36:16 +00:00
2020-03-30 22:45:58 +00:00
In some scenarios is not possible to terminate TLS in the ingress controller but in the Load Balancer.
For this purpose we provide a template:
2018-09-06 04:14:07 +00:00
2020-03-30 22:45:58 +00:00
1. Download [deploy-tls-termination.yaml ](https://raw.githubusercontent.com/kubernetes/ingress-nginx/204739fb6650c48fd41dc9505f8fd9ef6bc768e1/deploy/static/provider/aws/deploy-tls-termination.yaml )
2018-04-24 09:36:16 +00:00
2019-06-05 14:59:38 +00:00
```console
2020-03-30 22:45:58 +00:00
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/204739fb6650c48fd41dc9505f8fd9ef6bc768e1/deploy/static/provider/aws/deploy-tls-termination.yaml
2019-04-30 16:45:58 +00:00
```
2020-03-30 22:45:58 +00:00
2. Change:
2018-04-24 09:36:16 +00:00
2020-03-30 22:45:58 +00:00
- Set the VPC CIDR: `proxy-real-ip-cidr: XXX.XXX.XXX/XX`
- Change the AWS Certificate Manager (ACM) ID `service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-west-2:XXXXXXXX:certificate/XXXXXX-XXXXXXX-XXXXXXX-XXXXXXXX`
2018-04-24 09:36:16 +00:00
2020-03-30 22:45:58 +00:00
3. Deploy the manifests:
2019-04-30 16:45:58 +00:00
2019-06-05 14:59:38 +00:00
```console
2020-03-30 22:45:58 +00:00
kubectl apply -f deploy-tls-termination.yaml
2019-04-30 16:45:58 +00:00
```
2020-03-30 22:45:58 +00:00
##### NLB Idle Timeouts
2018-04-24 09:36:16 +00:00
2020-03-30 22:45:58 +00:00
In some scenarios users will need to modify the value of the NLB idle timeout. Users need to ensure the idle timeout is less than the [keepalive_timeout ](http://nginx.org/en/docs/http/ngx_http_core_module.html#keepalive_timeout ) that is configured for NGINX.
By default NGINX `keepalive_timeout` is set to `75s` .
2018-09-06 04:14:07 +00:00
2020-03-30 22:45:58 +00:00
The default NLB idle timeout will work for most scenarios, unless the NGINX [keepalive_timeout ](http://nginx.org/en/docs/http/ngx_http_core_module.html#keepalive_timeout ) has been modified, in which case `service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout` will need to be modified to ensure it is less than the `keepalive_timeout` the user has configured.
2018-09-06 04:14:07 +00:00
_Please Note: An idle timeout of `3600s` is recommended when using WebSockets._
2020-03-30 22:45:58 +00:00
More information with regards to idle timeouts for your Load Balancer can be found in the [official AWS documentation ](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#connection-idle-timeout ).
2018-04-24 09:36:16 +00:00
2019-03-10 13:13:34 +00:00
#### GCE-GKE
2018-04-24 09:36:16 +00:00
2019-06-05 14:59:38 +00:00
```console
2020-03-30 22:45:58 +00:00
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/cloud/deploy.yaml
2019-06-05 14:59:38 +00:00
```
2018-04-24 09:36:16 +00:00
**Important Note:** proxy protocol is not supported in GCE/GKE
2018-07-05 10:11:21 +00:00
#### Azure
2018-04-24 09:36:16 +00:00
2019-06-05 14:59:38 +00:00
```console
2020-03-30 22:45:58 +00:00
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/cloud/deploy.yaml
2019-06-05 14:59:38 +00:00
```
2018-04-24 09:36:16 +00:00
2018-09-04 19:32:47 +00:00
#### Bare-metal
2018-04-24 09:36:16 +00:00
Using [NodePort ](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport ):
2019-06-05 14:59:38 +00:00
```console
2020-03-30 22:45:58 +00:00
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/baremetal/deploy.yaml
2019-06-05 14:59:38 +00:00
```
2018-04-24 09:36:16 +00:00
2018-09-04 19:32:47 +00:00
!!! tip
2018-11-22 02:24:34 +00:00
For extended notes regarding deployments on bare-metal, see [Bare-metal considerations ](./baremetal.md ).
2018-09-04 19:32:47 +00:00
2018-07-05 10:11:21 +00:00
### Verify installation
2018-04-24 09:36:16 +00:00
2018-07-05 10:11:21 +00:00
To check if the ingress controller pods have started, run the following command:
2018-04-24 09:36:16 +00:00
```console
2018-09-04 03:25:30 +00:00
kubectl get pods --all-namespaces -l app.kubernetes.io/name=ingress-nginx --watch
2018-04-24 09:36:16 +00:00
```
2018-07-05 10:11:21 +00:00
Once the operator pods are running, you can cancel the above command by typing `Ctrl+C` .
Now, you are ready to create your first ingress.
### Detect installed version
To detect which version of the ingress controller is running, exec into the pod and run `nginx-ingress-controller version` command.
2018-04-24 09:36:16 +00:00
```console
2018-07-05 10:11:21 +00:00
POD_NAMESPACE=ingress-nginx
2018-09-04 03:25:30 +00:00
POD_NAME=$(kubectl get pods -n $POD_NAMESPACE -l app.kubernetes.io/name=ingress-nginx -o jsonpath='{.items[0].metadata.name}')
2019-06-05 14:59:38 +00:00
2018-07-05 10:11:21 +00:00
kubectl exec -it $POD_NAME -n $POD_NAMESPACE -- /nginx-ingress-controller --version
2018-04-24 09:36:16 +00:00
```
2018-07-05 10:11:21 +00:00
## Using Helm
2018-04-24 09:36:16 +00:00
2020-03-30 22:45:58 +00:00
NGINX Ingress controller can be installed via [Helm ](https://helm.sh/ ) using the chart from the project repository.
To install the chart with the release name `ingress-nginx` :
2018-04-24 09:36:16 +00:00
```console
2020-03-30 22:45:58 +00:00
helm repo add k8s-ingress-nginx https://kubernetes.github.io/ingress-nginx/
helm install ingress-nginx k8s-ingress-nginx
2020-02-06 23:47:28 +00:00
```
If you are using [Helm 2 ](https://v2.helm.sh/ ) then specify release name using `--name` flag
```console
2020-03-30 22:45:58 +00:00
helm repo add k8s-ingress-nginx https://kubernetes.github.io/ingress-nginx/
helm install k8s-ingress-nginx --name ingress-nginx
2018-07-05 10:11:21 +00:00
```
2018-04-24 09:36:16 +00:00
2020-03-30 22:45:58 +00:00
### Detect installed version:
2018-04-24 09:36:16 +00:00
```console
2018-09-04 03:25:30 +00:00
POD_NAME=$(kubectl get pods -l app.kubernetes.io/name=ingress-nginx -o jsonpath='{.items[0].metadata.name}')
2018-07-05 10:11:21 +00:00
kubectl exec -it $POD_NAME -- /nginx-ingress-controller --version
2018-04-24 09:36:16 +00:00
```
