Can anyone explain to me how to set up a SINGLE nginx ingress controller with configuration that I currently have, as follows:
I've seen here
This seems to be on the right track, but it's for paths "/cafe". When I need it to be "a.my-site.com".
The main reason I want to do this is I don't want to have to install an ingress controller for every client (namespace) we have.
So I figured this out, The default HELM nginx-ingress controller installation works fine without SSL certificates. NGINX Controller actually does work with ingress resources from various namespaces.
I installed my *.domain.com certificate and key using
kubectl create secret tls {SECRET_NAME} --key {KEY_FILE} --cert {CERT_FILE}Then in the nginx-ingress-controller deployment I added:
-args:
- --default-ssl-certificate=tenancy/loadflex-wildcard={NAMESPACE}/{SECRET_NAME}The ingresses live in the namespace. For example:
Namespace A: Ingress -> Host: a.domain.com
Namespace B: Ingress with host: b.domain.com
the only thing listed in the annotations for the ingress controllers is kubernetes.io/ingress.class: "nginx"
All domains points to the nginx load balancer IP.
Now it works perfectly. Very simple, but it was also very unclear scouring through the docs.