Setting up an ingress involves a few steps:
- Installing an ingress controller. Nginx is the most common ingress controller. The helm chart is available here.
To identify the ingress controller, we assign it a name as an "ingress class" which can be used later to refer to it in the ingress object.
controller.ingressClass: "nginx-ingress-internal"
We can tell the ingress controller what certificate to use via an annotation. This can be defined as a value passed to the helm chart:
controller.service.annotations.service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "<arn-of-your-certificate>"
The ingress controller uses an ELB. If we want to use an internal ELB, we can pass an annotation as a value to the helm chart:
controller.service.annotations.service.beta.kubernetes.io/aws-load-balancer-internal: "0.0.0.0/0"
- Tell external-dns to create records for the domain. External-dns is installed and managed as a helm chart too. The helm chart is available here. To tell external-dns to start creating records for the zone we add it as a value to the domainFilters chart value.
domainFilters[0]: "foo"
- Create your ingress objects. An ingress object is used to instruct the ingress controller to listen for requests. In your ingress, you can include an annotation to indicate what ingress controller to use.
kubernetes.io/ingress.class: nginx-ingress-internal
An example ingress:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: test-our-ingress
namespace: default
annotations:
kubernetes.io/ingress.class: nginx-ingress-internal
spec:
rules:
- host: foo.domain.com
http:
paths:
- backend:
serviceName: test-service-name
servicePort: http
path: /