I have an existing Nginx controller in my EKS cluster. This is a cluster-wide ingress controller. I want to create another Nginx controller to do some testing. This is also going to be a public-facing ingress controller. Is it possible to do that? I tried creating it by creating a new namespace and then creating new resources under that namespace but it started logging the logs for all the ingresses that were already present. Any idea on how to do that?
You can create additional ingress by deploying nginx ingress image as deployment or daemonset. Below are the manifests for this example. Once you done with this, then you should be able to access the this ingress using nodeIP and nodeport. Then onwards having cloud Loadbalancer that is reachable internal and resolving into node IP's should get you working end to end.
Or you may be better off creating service of type loadbalancer in below example
==> config-map.yml <==
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-configuration
==> deployment.yml <==
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx-ingress-controller
spec:
replicas: 1
selector:
matchLabels:
app: nginx-ingress
template:
metadata:
labels:
app: nginx-ingress
spec:
containers:
- name: nginx-ingress-controller
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.21.0
args:
- /nginx-ingress-controller
- --configmap=${POD_NAMESPACE}/nginx-configuration
env:
- name: POD_NAM
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
==> service-account.yml <==
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: nginx-ingress
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- update
- create
- apiGroups:
- ""
resources:
- pods
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- list
- watch
- get
- apiGroups:
- "extensions"
resources:
- ingresses/status
verbs:
- update
- apiGroups:
- k8s.nginx.org
resources:
- virtualservers
- virtualserverroutes
verbs:
- list
- watch
- get
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: nginx-ingress
subjects:
- kind: ServiceAccount
name: nginx-ingress
namespace: nginx-ingress
roleRef:
kind: ClusterRole
name: nginx-ingress
apiGroup: rbac.authorization.k8s.io
==> service.yml <==
apiVersion: v1
kind: Service
metadata:
name: nginx-ingress
spec:
selector:
app: nginx-ingress
type: NodePort
ports:
- port: 80
targetPort: 80
protocol: TCP
- port: 443
targetPort: 443
protocol: TCP
name: https
you need to specify the annotationkubernetes.io/ingress.class: "$INGRESS_CONTROLLER"
for example here you are saying nginx will be responsible for this ingress
kind: Ingress
metadata:
name: foo
annotations:
kubernetes.io/ingress.class: "nginx"
if you do not define a class, your cloud provider may use a default ingress controller. using-multiple-ingress-controllers
alb.ingress.kubernetes.io/scheme
annotation is used for deciding internal or public.
List of ingress Annotation