Ingress resource(s) in Kubernetes helps provide Service(s) externally-reachable URLs, load balance traffic, terminate SSL / TLS, and offer name-based virtual hosting. NGINX integration is an Ingress controller responsible for fulfilling the Ingress, usually with a load balancer, though it may also configure your edge router or additional frontends to help handle the traffic.
Integration creates the following components:
- Ingress Controller.
- Default Backend.
NGINX Ingress controller provides an option to set a default SSL certificate to be used for requests that do not match any of the configured server names. The default certificate will also be used for ingress tls: sections that do not have a secretName option. Below steps will come in handy to set the default certificate.
- Create a secret with key and certificatekubectl -n kube-system create secret tls ingress-tls --cert server.crt --key server.key
- Edit Nginx ingress pack values to include extraArgs.default-ssl-certificate section which will reference the secret created abovecharts:nginx-ingress:fullnameOverride: "nginx-ingress"controller:......extraArgs:default-ssl-certificate: "kube-system/ingress-tls"
For basic troubleshooting, refer the below troubleshooting guide: https://github.com/kubernetes/ingress-nginx/blob/master/docs/troubleshooting.md