Setting up NGINX Ingress Controller with EKS

Setting up NGINX Ingress Controller with Amszon EKS

Ingress Controller is required so that Ingress resources come to life. There are various implementations available for Ingress Controller. This post focuses on setting up Community version of NGINX Ingress Controller with EKS using Helm Chart.

I have already setup EKS Cluster using eksctl.

Setting up Amazon EKS Cluster in the fastest and easiest way !

For simplicity I am going to use AWS CloudShell to setup the Ingress Controller and sample pods.

Step — Install OpenSSL

sudo yum install openssl

Step — Install Helm

curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 > get_helm.sh 

chmod 700 get_helm.sh 

./get_helm.sh

Step — Install Ingress Controller

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx

helm upgrade --install ingress-nginx ingress-nginx \ 
             --repo https://kubernetes.github.io/ingress-nginx \ 
             --namespace ingress-nginx \
             --create-namespace

Step — Verify Ingress Controller resources

This should be done before deploying any ingress resources and pods.

The earlier step creates

• ingress-nginx namespace
• ingress-controller pod
• ingress-nginx-controller service
• ingress-nginx-controller-admission service (Validating admission controller which helps in preventing outages due to wrong ingress configuration)
• EXTERNAL-IP with a58xx.elb.amazonaws.com

Ingress Controller is created in ingress-nginx namespace

Ingress Controller Pod , Service and Load Balancer is created

The external IP in turn points to AWS Load Balancer DNS Name which gets created when the Ingress Controller is installed.

Ingress Controller — External-IP to AWS Load Balancer Mapping

Step — Create Deployment and Expose it as a service

# create deployment
kubectl create deployment demo  --image=httpd  --port=80 
# expose deployment as a service
kubectl expose deployment demo

This should create demo pod and expose it as a service

Step — Create Ingress resource to route request to demo service

kubectl create ingress demo --class=nginx \
  --rule www.demo.io/=demo:80

Ingress Controller routes the request to appropriate service based on Ingress Rule. In this example requests to ‘www.demo.io’ are routed to demo service.

In order to simulate the real domain I have used curl — resolve command.

AWS Load Balancer does not provide an IP address so in order to get the IP address I have used curl -v command which returns 3.108.142.158 address.

curl — resolve www.demo.io:80:3.108.142.158 http://www.demo.io

This returns the humble It works response.

Ingress Controller routing request to demo service

The request flows from AWS Load Balancer-> NGINX Ingress Controller -> (in turn based on Ingress Rule routes the request to appropriate ->Service->Pod

Note : AWS Load Balancer Type

If we check the load balancer type , it is of type Classic load balancer.

Classic Load Balancer Created

This works fine but going forward you should be moving away from Classic Load Balancer to NLB.

EC2-Classic Networking is Retiring - Here's How to Prepare | Amazon Web Services

Create NLB when installing Ingress Controller

First uninstall existing ingress controller and then reinstall it again with NLB configuration.

# uninstall ingress controller
helm uninstall ingress-nginx -n ingress-ngins

# install ingress controller with NLB
helm upgrade --install ingress-nginx ingress-nginx --repo https://kubernetes.github.io/ingress-nginx  --namespace ingress-nginx --create-namespace \
  --set-string controller.service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-type"="nlb"

This should create the NLB.

Now if you follow the earlier steps to verify the response via Ingress Controller you should get It Works response with NLB.

Ingress Controller response via NLB

Thus NGINX Ingress Controller is setup in EKS using Helm !

References

Welcome - Ingress-Nginx Controller