Kubernetes Nginx Ingress Controller on Windows with Docker Desktop - doesn't seem to work

10/14/2021

I have Docker Desktop (Windows) installed, and have turned on Kubernetes.

I've installed the Nginx ingress controller by running the following command:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.0.4/deploy/static/provider/cloud/deploy.yaml

(above command from docs)

I've applied the following YAML...

apiVersion: apps/v1
kind: Deployment
metadata:
  name: blah
spec:
  replicas: 1
  selector:
    matchLabels:
      app: blah
  template:
    metadata:
      labels:
        app: blah
    spec:
      containers:
      - name: blah
        image: tutum/hello-world
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
---

apiVersion: v1
kind: Service
metadata:
  name: blah
spec:
  type: NodePort
  ports:
  - name: http
    port: 80
    targetPort: 80
    nodePort: 30010
  selector:
    app: blah

---

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: blah
spec:
  defaultBackend:
    service:
      name: blah
      port:
        name: http
  rules:
  - host: kubernetes.docker.internal
    http:
      paths:
        - path: /
          pathType: Prefix
          backend:
            service:
              name: blah
              port:
                name: HTTP

If I do a GET request from my Windows machine http://kubernetes.docker.internal/ - I get this...

enter image description here

The above, I'd expect to hit my pod.

If I do a get on a non-existent URL (eg. 'http://kubernetes.docker.internal/nonexistant'), I get an NGINX 404.

If I do it on the HTTPS version 'https://kubernetes.docker.internal' - I also get a 404.

If I access it via the NodePort 'http://kubernetes.docker.internal:30010', then it works as expected because it's not using the ingress.

It's almost as if the Nginx Controller has been installed, but any requests are just hitting Nginx directly, and ignoring any ingresses I create.

I'm sure I'm missing something fundamental - but any ideas about what I'm doing wrong?

Update

Following on from @clarj's comment, I looked at the nginx controller logs, and saw the following error: "ingress does not contain a valid IngressClass". So I've added the following to the ingress...

  annotations:
    kubernetes.io/ingress.class: "nginx"

This has got rid of the error, but not fixed the problem.

Here are my logs now...

-------------------------------------------------------------------------------
NGINX Ingress controller
  Release:       v1.0.4
  Build:         9b78b6c197b48116243922170875af4aa752ee59
  Repository:    https://github.com/kubernetes/ingress-nginx
  nginx version: nginx/1.19.9

-------------------------------------------------------------------------------

W1014 18:13:38.886167       7 client_config.go:615] Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
I1014 18:13:38.886636       7 main.go:221] "Creating API client" host="https://10.96.0.1:443"
I1014 18:13:38.890654       7 main.go:265] "Running in Kubernetes cluster" major="1" minor="21" git="v1.21.4" state="clean" commit="3cce4a82b44f032d0cd1a1790e6d2f5a55d20aae" platform="linux/amd64"
I1014 18:13:38.979187       7 main.go:104] "SSL fake certificate created" file="/etc/ingress-controller/ssl/default-fake-certificate.pem"
I1014 18:13:38.987243       7 ssl.go:531] "loading tls certificate" path="/usr/local/certificates/cert" key="/usr/local/certificates/key"
I1014 18:13:38.992390       7 nginx.go:253] "Starting NGINX Ingress controller"
I1014 18:13:38.995200       7 event.go:282] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"ingress-nginx", Name:"ingress-nginx-controller", UID:"4865a09a-18fe-4760-a466-742b63ab480f", APIVersion:"v1", ResourceVersion:"14917", FieldPath:""}): type: 'Normal' reason: 'CREATE' ConfigMap ingress-nginx/ingress-nginx-controller
I1014 18:13:40.095580       7 store.go:371] "Found valid IngressClass" ingress="default/blah" ingressclass="nginx"
I1014 18:13:40.095725       7 event.go:282] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"default", Name:"blah", UID:"389b024c-9148-4ed0-83b6-a8be5e241655", APIVersion:"networking.k8s.io/v1", ResourceVersion:"25734", FieldPath:""}): type: 'Normal' reason: 'Sync' Scheduled for sync
I1014 18:13:40.193521       7 nginx.go:295] "Starting NGINX process"
I1014 18:13:40.193677       7 leaderelection.go:243] attempting to acquire leader lease ingress-nginx/ingress-controller-leader...
I1014 18:13:40.193757       7 nginx.go:315] "Starting validation webhook" address=":8443" certPath="/usr/local/certificates/cert" keyPath="/usr/local/certificates/key"
I1014 18:13:40.193876       7 controller.go:152] "Configuration changes detected, backend reload required"
I1014 18:13:40.195273       7 status.go:84] "New leader elected" identity="ingress-nginx-controller-5c8d66c76d-4gfd4"
I1014 18:13:40.213501       7 controller.go:169] "Backend successfully reloaded"
I1014 18:13:40.213577       7 controller.go:180] "Initial sync, sleeping for 1 second"
I1014 18:13:40.213614       7 event.go:282] Event(v1.ObjectReference{Kind:"Pod", Namespace:"ingress-nginx", Name:"ingress-nginx-controller-5c8d66c76d-fb79x", UID:"69db0f7e-0137-48ee-b4aa-fc28d5208423", APIVersion:"v1", ResourceVersion:"25887", FieldPath:""}): type: 'Normal' reason: 'RELOAD' NGINX reload triggered due to a change in configuration
I1014 18:14:23.192016       7 leaderelection.go:253] successfully acquired lease ingress-nginx/ingress-controller-leader
I1014 18:14:23.192035       7 status.go:84] "New leader elected" identity="ingress-nginx-controller-5c8d66c76d-fb79x"

Update 2

Actually, the fix in my 'Update' above did work. I just needed to use HTTP in my GET request.

-- Dan
docker-desktop
kubernetes
nginx
nginx-ingress

1 Answer

10/14/2021

I worked it out, after a hint from @clarj about checking the Nginx Controller pod logs.

Turned out I was missing the following annotation from my ingress...

  annotations:
    kubernetes.io/ingress.class: "nginx"

(see my 'Update' in my initial post)

After that fix - the GET request that had HTTPS then worked.

-- Dan
Source: StackOverflow