AKS with Static IP and Custom Cert / AKS Ingress issues
Well, for the last 2 days I battled this documentation:
https://docs.microsoft.com/en-au/azure/aks/static-ip
and
https://docs.microsoft.com/en-au/azure/aks/ingress-own-tls
First of all I ensured that I had my aks k8s cluster upgraded to 1.11.5, so there is no question about having the static IP in a different resource group.
Overall, I could not get the static IP really working. With dynamic everything sounds fine, but I cannot add an A record for a dynamic IP.
I managed to deploy everything successfully, but any curl ip.. does not work. I did run exec -ti locally, and locally everything is fine.
Could someone please point me to a GitHub config or article that has this configuration running? As a disclaimer I know azure very well, so well the service principal assignments are well done, etc. However, I am new, only a few months on k8s.
Thanks in advance for any suggestion.
I can share logs if needed but believe I did check everything from DNS to ingress routes. I am worried that this doc is not good and I am just losing my time.
azure kubernetes kubernetes-ingress azure-aks
asked 22 hours ago
user3053247
you can use cname with dynamic ip, if you know azure very well you should know that. does your service work? did you create your ingress? what about controller?
– 4c74356b41
22 hours ago
I am using cname right now with cloud services, but for some technical & business reasons I will not be able to use it in k8s. I did create the ingress and the controller, both deployed fine without any error.
– user3053247
13 hours ago
and because of that you choose to ignore other 3 questions i've asked?
– 4c74356b41
13 hours ago
sorry, it was not intentional. yes, did create the ingress and the controller. this is ingress:

    apiVersion: extensions/v1beta1
    kind: Ingress
    metadata:
      name: kdwk-ingress
      annotations:
        kubernetes.io/ingress.class: nginx
        nginx.ingress.kubernetes.io/ssl-redirect: "false"
        nginx.ingress.kubernetes.io/rewrite-target: /
        # certmanager.k8s.io/cluster-issuer: letsencrypt-staging
    spec:
      - http:
          paths:
          - path: /
            backend:
              serviceName: dwk-at
              servicePort: 80
– user3053247
13 hours ago
and for controller I used helm install stable/nginx-ingress with the override of externalIPs.
– user3053247
13 hours ago
2 Answers
Answering myself this question, after quite a journey, for when I get older and I forget what I've done, and maybe my nephew will save some hours someday.
- First, it's important:
In the values provided to nginx-ingress chart template, there are 2 annotations that are important:
service.beta.kubernetes.io/azure-load-balancer-resource-group: "your IP's resource group"
externalTrafficPolicy: "Local"
Here are all the values documented: https://github.com/helm/charts/blob/master/stable/nginx-ingress/values.yaml
The chart can be deployed near your service's namespace, it should not be in kube-system (with my current knowledge I don't find a reason to have it in system).
- Second, could be misleading
There is a delay of ~30+ seconds (in my case) from the moment when IP appeared in the kubectl get services --watch and till the moment curl -i IP was able to answer the call. So, if you have automation or health probes then ensure that you have 1 - 2 mins added to wait. Or maybe take better nodes, bare metal machines.
- Look at GCE and DO for the same setup, as it might help:
https://cloud.google.com/community/tutorials/nginx-ingress-gke
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-nginx-ingress-with-cert-manager-on-digitalocean-kubernetes
The guys at DO are good writers as well.
Good luck!
answered 2 hours ago
user3053247
Based on your comments, it seems that you are trying to override the externalIPs but use the default value of the helm chart for controller.service.type, which is LoadBalancer. What you might want to do is to keep controller.service.type to LoadBalancer and set controller.service.loadBalancerIP with your static IP instead of overriding externalIPs.
Here is some documentation from Microsoft.
edited 2 hours ago
answered 2 hours ago
Jean-Philippe Bond
Yes, I realized that and corrected it to use loadBalancerIP; but even using this I did not get it working until I got through the items that I mentioned. One more important item, that I forgot to add: using Public IP Basic SKU worked, but using Public IP Standard SKU did not. I am not sure if I need to set anything else here to get Standard working, but for now I go with Basic as I ran out of time.
– user3053247
10 mins ago
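The settings the two answers above converge on, written as one values file for the stable/nginx-ingress chart. This is an added example, not code from either poster; the IP address and the resource group name are placeholders, and the key names are those of the chart's values.yaml linked in the first answer.

```yaml
# values.yaml (added example) for: helm install stable/nginx-ingress -f values.yaml
controller:
  service:
    # Keep the chart default so the Azure cloud provider creates the
    # load balancer front end for this Service.
    type: LoadBalancer

    # Pre-created static public IP.
    # 203.0.113.10 is a placeholder from the documentation address range.
    loadBalancerIP: "203.0.113.10"

    # The override the second answer advises against. externalIPs is not
    # managed by Kubernetes or the cloud provider, so it does not attach
    # the Azure public IP to the load balancer.
    # externalIPs:
    #   - "203.0.113.10"

    annotations:
      # Resource group that holds the static IP when it is not the
      # cluster's node resource group ("my-ip-resource-group" is a placeholder).
      service.beta.kubernetes.io/azure-load-balancer-resource-group: "my-ip-resource-group"

    # Second setting called out in the first answer. "Local" also keeps the
    # client source IP visible to the ingress controller's access logs.
    externalTrafficPolicy: "Local"
```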