Installation with the NGINX Ingress Operator

This document explains how to install NGINX Ingress Controller in your Kubernetes cluster using NGINX Ingress Operator.

Before you start

Note:
We recommend the most recent stable version of NGINX Ingress Controller, available on the GitHub repository’s releases page.

  1. Make sure you have access to the NGINX Ingress Controller image:

    • For NGINX Ingress Controller, use the image nginx/nginx-ingress from DockerHub.
    • For NGINX Plus Ingress Controller, see here for details on how to pull the image from the F5 Docker registry.
    • To pull from the F5 Container registry, configure a docker registry secret using your JWT token from the MyF5 portal by following the instructions from here.
    • It is also possible to build your own image and push it to your private Docker registry by following the instructions from here).

  2. Install the NGINX Ingress Operator following the instructions.

  3. Create the SecurityContextConstraint as outlined in the “Getting Started” instructions.

Note:
If you’re upgrading your operator installation to a later release, navigate here and run kubectl apply -f crds/ or oc apply -f crds/ as a prerequisite

Create the NGINX Ingress Controller manifest

Create a manifest nginx-ingress-controller.yaml with the following content:

apiVersion: charts.nginx.org/v1alpha1
kind: NginxIngress
metadata:
  name: nginxingress-sample
  namespace: nginx-ingress
spec:
  controller:
    image:
      pullPolicy: IfNotPresent
      repository: nginx/nginx-ingress
      tag: 3.5.0-ubi
    ingressClass:
      name: nginx
    kind: deployment
    nginxplus: false
    replicaCount: 1
    serviceAccount:
      imagePullSecretName: ""
Note:
For NGINX Plus, change the image.repository and image.tag values and change nginxPlus to True. If required, set the serviceAccount.imagePullSecretName or serviceAccount.imagePullSecretsNames to the name of the pre-created docker config secret that should be associated with the ServiceAccount.

Deploy NGINX Ingress Controller 

kubectl apply -f nginx-ingress-controller.yaml

A new instance of NGINX Ingress Controller will be deployed by the NGINX Ingress Operator in the default namespace with default parameters.

To configure other parameters of the NginxIngressController resource, check the documentation.

Troubleshooting

If you experience an OOMkilled error when deploying the NGINX Ingress Operator in a large cluster, it’s likely because the Helm operator is caching all Kubernetes objects and using up too much memory. If you encounter this issue, try the following solutions:

  • Set the operator to only watch one namespace.
  • If monitoring multiple namespaces is required, consider manually increasing the memory limit for the operator. Keep in mind that this value might be overwritten after a release update.

We are working with the OpenShift team to resolve this issue.