Nginx

Ingress resource(s) in Kubernetes helps provide Service(s) externally-reachable URLs, load balance traffic, terminate SSL / TLS, and offer name-based virtual hosting. NGINX integration is an Ingress controller responsible for fulfilling the Ingress, usually with a load balancer, though it may also configure your edge router or additional frontends to help handle the traffic.

Components

Integration creates the following components:

  • Ingress Controller.
  • Default Backend.

Default SSL certificate

NGINX Ingress controller provides an option to set a default SSL certificate to be used for requests that do not match any of the configured server names. The default certificate will also be used for ingress tls: sections that do not have a secretName option. Below steps will come in handy to set the default certificate.

  1. Create a secret with key and certificate
    kubectl -n kube-system create secret tls ingress-tls --cert server.crt --key server.key
  2. Edit Nginx ingress pack values to include extraArgs.default-ssl-certificate section which will reference the secret created above
    charts:
    nginx-ingress:
    fullnameOverride: "nginx-ingress"
    controller:
    ...
    ...
    extraArgs:
    default-ssl-certificate: "kube-system/ingress-tls"

Troubleshooting

For basic troubleshooting, refer the below troubleshooting guide: https://github.com/kubernetes/ingress-nginx/blob/master/docs/troubleshooting.md

References

https://www.nginx.com/products/nginx/kubernetes-ingress-controller/