Configuring an Ingress
note
For Kubernetes v1.21 and up, the NGINX Ingress controller no longer runs in hostNetwork by default. It instead uses hostPorts for port 80 and port 443, so you can configure the admission webhook to be accessible only through the ClusterIP. This ensures that the webhook is only accessible from within the cluster.
Because of this change to the controller, the default RKE1 behavior no longer sets hostNetwork
to true
. However, you must set hostNetwork
to true
for TCP- and UDP-based Services to work. To do so, edit the cluster’s YAML and follow the steps in the official RKE1 doccumention.
Specify a hostname to use
If you use this option, Ingress routes requests for a hostname to the service or workload that you specify.
- Specify a path of type
Prefix
and specify a path such as/
. - Add a Target Service.
- Optional: If you want to specify a workload or service when a request is sent to a particular hostname path, add a Path for the target. For example, if you want requests for
www.mysite.com/contact-us
to be sent to a different service thanwww.mysite.com
, enter/contact-us
in the Path field. Typically, the first rule that you create does not include a path. - Enter the Port number that each target operates on.
Certificates
note
You must have an SSL certificate that Ingress can use to encrypt and decrypt communications. For more information, see Adding SSL Certificates.
- To create an Ingress controller, click the Certificates tab.
- Click Add Certificate.
- Select a Certificate - Secret Name from the drop-down list.
- Enter the host using encrypted communication.
- To add more hosts that use the same certificate, click Add Hosts.
Labels and Annotations
Add Labels and/or Annotations to provide metadata for your Ingress controller.
For a list of annotations available for use, see the Nginx Ingress Controller Documentation.