How to use Nginx ingress service for internal and external in a single GKE cluster and namespace

5/17/2020

I am using nginx ingress with an external IP in a namespace (Google Kubernetes Engine). Now, I want to use an nginx ingress internal service to call the service from outside the cluster within the VPC network. Please suggest how to achieve this.

-- Pthota
google-kubernetes-engine
kubernetes
nginx-ingress

2 Answers

5/18/2020

As Christopher mentions, you just need to add the annotation to the service, and it will automatically create an internal load balancer instead of an external one. The service will look like this:

apiVersion: v1
kind: Service
metadata:
  name: nginx-ingress
  namespace: nginx-ingress
  annotations:
    cloud.google.com/load-balancer-type: "Internal"
spec:
  externalTrafficPolicy: Local
  type: LoadBalancer
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
    name: http
  - port: 443
    targetPort: 443
    protocol: TCP
    name: https
  selector:
    app: nginx-ingress

Leave the rest of the objects as they are. If you want to have both the external and the internal one, just create the internal one (below). They both can point to the same ingress controller.

-- suren
Source: StackOverflow

5/18/2020

Assuming you use ingress-nginx, you can follow the steps on their Installation Guide page.

You need to have your kubectl context pointed to your cluster (set it up by following this guide) before you can do these commands:

  • Initialize your user as cluster-admin with the following command

    kubectl create clusterrolebinding cluster-admin-binding \
    --clusterrole cluster-admin \
    --user $(gcloud config get-value account)

  • Deploy ingress-nginx using the following steps

    kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-0.32.0/deploy/static/provider/cloud/deploy.yaml

  • Use a LoadBalancer service with annotation cloud.google.com/load-balancer-type: "Internal". This will spawn an internal ILB in your VPC.

    apiVersion: v1
    kind: Service
    metadata:
      name: ingress-nginx-ilb-service
      namespace: ingress-nginx
      annotations:
        cloud.google.com/load-balancer-type: "Internal"
      labels:
        app.kubernetes.io/name: ingress-nginx
        app.kubernetes.io/instance: ingress-nginx
        app.kubernetes.io/component: controller
    spec:
      type: LoadBalancer
      selector:
        app.kubernetes.io/name: ingress-nginx
        app.kubernetes.io/instance: ingress-nginx
        app.kubernetes.io/component: controller
      ports:
        - name: http
          port: 80
          protocol: TCP
          targetPort: http
        - name: https
          port: 443
          protocol: TCP
          targetPort: https

Your ILB internal IP will be available in a few minutes after applying this service manifest.

-- Christoper Hans
Source: StackOverflow
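
A check to run once both Services exist, added here as an example that is not part of either answer: it reads `namespace name type lb-annotation address` rows and reports which LoadBalancer Services are external, which are internal, and any that carry the `Internal` annotation but received a non-private address. The function names and sample rows are constructed, and it assumes the VPC subnets use RFC 1918 ranges.

```shell
#!/bin/sh
# Added example: audit LoadBalancer Services for internal vs external exposure.
# Live input (not run here) can be produced with:
#   kubectl get svc -A --no-headers -o custom-columns=\
#   'NS:.metadata.namespace,NAME:.metadata.name,TYPE:.spec.type,LB:.metadata.annotations.cloud\.google\.com/load-balancer-type,IP:.status.loadBalancer.ingress[0].ip'

# Return 0 if $1 is an RFC 1918 IPv4 address (assumed range of the VPC subnets).
is_rfc1918() {
  case "$1" in
    10.*|192.168.*) return 0 ;;
    172.*)
      second=${1#172.}; second=${second%%.*}
      if [ "$second" -ge 16 ] 2>/dev/null && [ "$second" -le 31 ]; then return 0; fi ;;
  esac
  return 1
}

# Read rows on stdin and print one verdict per LoadBalancer Service.
audit_lb_services() {
  while read -r ns name type lb ip; do
    [ "$type" = "LoadBalancer" ] || continue
    if [ "$lb" != "Internal" ]; then
      echo "EXTERNAL $ns/$name $ip"      # no annotation: external load balancer
    elif [ "$ip" = "<none>" ]; then
      echo "PENDING $ns/$name"           # ILB address not assigned yet
    elif is_rfc1918 "$ip"; then
      echo "INTERNAL $ns/$name $ip"
    else
      echo "MISMATCH $ns/$name $ip"      # annotated Internal, address is not private
    fi
  done
}

# Constructed sample rows in the column order above (not real cluster output).
sample_rows() {
  cat <<'EOF'
ingress-nginx ingress-nginx-controller LoadBalancer <none> 203.0.113.10
ingress-nginx ingress-nginx-ilb-service LoadBalancer Internal 10.128.0.5
ingress-nginx ingress-nginx-controller-admission ClusterIP <none> <none>
EOF
}

sample_rows | audit_lb_services
```

Because both Services select the same controller pods, every Ingress that controller serves is reachable through any address listed as EXTERNAL as well as through the internal one.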