LinuxBlog.xyz February 6, 2021 - Patrick Kerwood
Installing NGINX Ingress with Helm on Digital Ocean
This is a guide on installing a NGINX Ingress controller on a managed Digital Ocean Kubernetes cluster.
# Prerequisites
A prerequisite for installing NGINX Ingress with Helm is of course Helm. Go to the Helm install docs (opens new window) and get a piece of that cake.
Efter installing Helm, add the ingress-nginx repo and update your Helm repositories.
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
# Installing NGINX Ingress
Create a namespace in your cluster.
kubectl create namespace ingress-nginx
Below is the install command for deploying the NGINX ingress controller. You can choose the size of the load balancer in the do-loadbalancer-size-slug annotation, the different options are lb-small, lb-medium and lb-large.
The last line gives the option to name your load balancer.
helm install ingress-nginx ingress-nginx/ingress-nginx \
--namespace ingress-nginx \
--set controller.service.type=LoadBalancer \
--set controller.service.externalTrafficPolicy=Local \
--set controller.config.use-proxy-protocol="true" \
--set-string controller.service.annotations."service\.beta\.kubernetes\.io/do-loadbalancer-enable-proxy-protocol"="true" \
--set-string controller.service.annotations."service\.beta\.kubernetes\.io/do-loadbalancer-size-slug"="lb-small" \
--set-string controller.service.annotations."service\.beta\.kubernetes\.io/do-loadbalancer-name"="my-load-balancer-name"
WARNING
As of February 2021, there's an issue with pod to pod communication, through the load balancer public IP. This is an issue for Cert Manager, that checks if an ACME challenge is actually reachable before sending a request to Let's Encrypt. The workaround is to give the load balancer a hostname with the do-loadbalancer-hostname annotation. It does not have to be a domain name in use, it can be any domain name, it doesn't matter.
Add below line to your Helm install command.
--set-string controller.service.annotations."service\.beta\.kubernetes\.io/do-loadbalancer-hostname"="workaround-examle.org"
# Verify
After deploying the ingress controller, you can verify that the load balancer is ensured. It might take some time depending on your provider.
$ kubectl describe service ingress-nginx-controller --namespace ingress-nginx
...
Normal EnsuredLoadBalancer 2m32s service-controller Ensured load balancer
# References
- NGINX-Ingress install documentation. (opens new window)
- NGINX configration with Helm parameters. (opens new window)
- DigitalOcean - Configure Load Balancers. (opens new window)
