Cover image for Let's Embark! Setting up Ingress (Part 2)

Let's Embark! Setting up Ingress (Part 2)

hammotime profile image Adam Hammond Originally published at engi.fyi ・3 min read

In this article of the "Let's Embark!" series, we cover how to setup nginx-ingress using the offical nginxinc/nginx-ingress images and getting your cluster connected to the internet. To find out how to setup a Cluster on Digital Ocean, see Part 1 and use my Referral Code for $100 credit to get you up and running.

Well, we have a cluster. What now? We need to get our Cluster connected to the internet so that it can receive connections to our services. By the end of this article, you will have nginx-ingress setup and configured, and a demo app reachable from the internet.

Installing nginx-ingress

I prefer to use the offical nginx-ingress images from Nginx, Inc. We will be setting up our Ingress controllers as a DaemonSet, so each pod will run on a node within our Cluster. Let's clone the source repository for our configuration and get our basic configuration items setup on our Cluster.

git clone git@github.com:nginxinc/kubernetes-ingress.git
cd deployments/
kubectl apply -f common/ns-and-sa.yaml
kubectl apply -f rbac/rbac.yaml
kubectl apply -f common/custom_resource_definitions.yaml
kubectl apply -f common/nginx-config.yaml
kubectl apply -f daemon-set/nginx-ingress.yaml

Within about five minutes, you should see a DaemonSet on each node you have active. For the final part of our installation, we need to configure our domain name to point to our IP address, so run the following command and the value available under EXTERNAL-IP should be created as an A record in your DNS settings. I would recommend using Digital Ocean's DNS Service for this.

$ kubectl get service nginx-ingress -n nginx-ingress
NAME           TYPE          CLUSTER-IP     EXTERNAL-IP  PORT(S)        AGE
nginx-ingress  LoadBalancer      80:31908/TCP   3d1h

Exposing Services

On Kubernetes, when we talk about "Services" we are talking about the endpoint that gets exposed via a Cluster's external IP Address. There are three things that go into creating and running a service on Kubernetes:

  • Deployment: this creates the template for the pods, including container and replica configuration which includes image, network, and metadata information.
  • Service: this defines the port that the item created by the Deployment (ReplicaSet, DaemonSet, etc) wil be exposed on in the cluster. Once you've created a Service, you can access it within the cluster at <deployment_name>.<namespace>.svc.cluster.local at the port you have exposed in the Service configuration.
  • Ingress: This defines the domain name that we expose the service as on the external IP. Ingress within Kubernetes generally uses Server Name Indication (SNI) which means without a domain name, it will be impossible to get to your Service.

For us to get our service up and running, we need to run five scripts which will setup everything we need and expose our service on our nginx-ingress. Prior to continuing, you will have needed to setup your domain name, as we will use it in the configuration below.

$ kubectl apply -f echo_namespace.yaml

# echo_namespace.yaml
kind: Namespace
apiVersion: v1
  name: echo
    name: echo

$ kubectl apply -f echo_deployment.yaml

# echo_deployment.yaml
apiVersion: apps/v1
kind: Deployment
  name: echo
  namespace: echo
      app: echo
  replicas: 2
        app: echo
      - name: echo
        image: hashicorp/http-echo
        - "-text=Default HTTP Service"
        - containerPort: 5678
$ kubectl apply -f echo_service.yaml

# echo_service.yaml
apiVersion: v1
kind: Service
  name: echo
  namespace: echo
  - port: 80
    targetPort: 5678
    app: echo
kubectl apply -f echo_ingress.yaml

# echo_ingress.yaml
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
  name: echo-ingress
  namespace: echo
    kubernetes.io/ingress.class: nginx
  - host: <YOUR_DOMAIN_NAME>
      - backend:
          serviceName: echo
          servicePort: 80

Once all of these templates have been applied to your cluster, your new service will be available at the domain name you specified. The way that nginx-ingress knows to expose your service is through the annotation on the Ingress template: kubernetes.io/ingress.class: nginx.

What's Next?

Okay, so we've successfully got our cluster up and running, and we've exposed a service to the internet. Next up, we have details on how to secure our service using TLS via Jetstack's cert-manager and Let's Encrypt. For more information on the series, please visit the series page.

Posted on by:

hammotime profile

Adam Hammond


I'm an Australian DevOps Engineer that loves picking things apart to figure out how they work. Opinions are my own. #devops #python #aws #containers


Editor guide