Get started
This is a guide for getting started with NGINX Gateway Fabric. It explains how to:
- Set up a kind (Kubernetes in Docker) cluster
- Install NGINX Gateway Fabric with NGINX
- Test NGINX Gateway Fabric with an example application
By following the steps in order, you will finish with a functional NGINX Gateway Fabric cluster.
Before you begin
To complete this guide, you need the following prerequisites installed:
- Go 1.16 or newer, which is used by kind
- Docker, for creating and managing containers
- kind, which allows for running a local Kubernetes cluster using Docker
- kubectl, which provides a command line interface (CLI) for interacting with Kubernetes clusters
- Helm 3.0 or newer to install NGINX Gateway Fabric
- curl, to test the example application
Set up a kind cluster
Create the file cluster-config.yaml with the following contents, noting the highlighted lines:
|
|
Warning:
Take note of the two containerPort values. They are necessary for later configuring a NodePort.
Run the following command:
kind create cluster --config cluster-config.yaml
Creating cluster "kind" ...
â Ensuring node image (kindest/node:v1.31.0) đŧ
â Preparing nodes đĻ
â Writing configuration đ
â Starting control-plane đšī¸
â Installing CNI đ
â Installing StorageClass đž
Set kubectl context to "kind-kind"
You can now use your cluster with:
kubectl cluster-info --context kind-kind
Thanks for using kind! đ
Note:
If you have cloned the NGINX Gateway Fabric repository, you can also create a kind cluster from the root folder with the following make command:
make create-kind-cluster
Install NGINX Gateway Fabric
Add Gateway API resources
Use kubectl to add the API resources for NGINX Gateway Fabric with the following command:
kubectl kustomize "https://github.com/nginxinc/nginx-gateway-fabric/config/crd/gateway-api/standard?ref=v1.4.0" | kubectl apply -f -
customresourcedefinition.apiextensions.k8s.io/gatewayclasses.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/gateways.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/grpcroutes.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/httproutes.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/referencegrants.gateway.networking.k8s.io created
Note:
To use experimental features, you’ll need to install the API resources from the experimental channel instead.
kubectl kustomize "https://github.com/nginxinc/nginx-gateway-fabric/config/crd/gateway-api/experimental?ref=v1.4.0" | kubectl apply -f -
Install the Helm chart
Use helm to install NGINX Gateway Fabric with the following command:
helm install ngf oci://ghcr.io/nginxinc/charts/nginx-gateway-fabric --create-namespace -n nginx-gateway --set service.create=false
Pulled: ghcr.io/nginxinc/charts/nginx-gateway-fabric:1.4.0
Digest: sha256:9bbd1a2fcbfd5407ad6be39f796f582e6263512f1f3a8969b427d39063cc6fee
NAME: ngf
LAST DEPLOYED: Mon Oct 21 14:45:14 2024
NAMESPACE: nginx-gateway
STATUS: deployed
REVISION: 1
TEST SUITE: None
Note:
If you installed the API resources from the experimental channel during the last step, you will need to enable the nginxGateway.gwAPIExperimentalFeatures option:
helm install ngf oci://ghcr.io/nginxinc/charts/nginx-gateway-fabric --create-namespace -n nginx-gateway --set service.create=false --set nginxGateway.gwAPIExperimentalFeatures.enable=true
Set up a NodePort
Create the file nodeport-config.yaml with the following contents:
Note:
The highlighted nodePort values should equal the containerPort values from cluster-config.yaml when you created the kind cluster.
|
|
Apply it using kubectl:
kubectl apply -f nodeport-config.yaml
service/nginx-gateway created
Warning:
The NodePort resource must be deployed in the same namespace as NGINX Gateway Fabric.
If you are making customizations, ensure your
labels:andselectors:also match the labels of the NGINX Gateway Fabric Deployment.
Create an example application
In the previous section, you deployed NGINX Gateway Fabric to a local cluster. This section shows you how to deploy a simple web application to test that NGINX Gateway Fabric works.
Note:
The YAML code in the following sections can be found in the cafe-example folder of the GitHub repository.
Create the application resources
Create the file cafe.yaml with the following contents:
apiVersion: apps/v1
kind: Deployment
metadata:
name: coffee
spec:
replicas: 1
selector:
matchLabels:
app: coffee
template:
metadata:
labels:
app: coffee
spec:
containers:
- name: coffee
image: nginxdemos/nginx-hello:plain-text
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: coffee
spec:
ports:
- port: 80
targetPort: 8080
protocol: TCP
name: http
selector:
app: coffee
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: tea
spec:
replicas: 1
selector:
matchLabels:
app: tea
template:
metadata:
labels:
app: tea
spec:
containers:
- name: tea
image: nginxdemos/nginx-hello:plain-text
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: tea
spec:
ports:
- port: 80
targetPort: 8080
protocol: TCP
name: http
selector:
app: tea
Apply it:
kubectl apply -f cafe.yaml
deployment.apps/coffee created
service/coffee created
deployment.apps/tea created
service/tea created
Verify that the new pods are in the default namespace:
kubectl -n default get pods
NAME READY STATUS RESTARTS AGE
coffee-6db967495b-wk2mm 1/1 Running 0 10s
tea-7b7d6c947d-d4qcf 1/1 Running 0 10s
Create Gateway and HTTPRoute resources
Create the file gateway.yaml with the following contents:
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: gateway
spec:
gatewayClassName: nginx
listeners:
- name: http
port: 80
protocol: HTTP
hostname: "*.example.com"
Apply it using kubectl:
kubectl apply -f gateway.yaml
gateway.gateway.networking.k8s.io/gateway created
Create the file cafe-routes.yaml with the following contents:
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: coffee
spec:
parentRefs:
- name: gateway
sectionName: http
hostnames:
- "cafe.example.com"
rules:
- matches:
- path:
type: PathPrefix
value: /coffee
backendRefs:
- name: coffee
port: 80
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: tea
spec:
parentRefs:
- name: gateway
sectionName: http
hostnames:
- "cafe.example.com"
rules:
- matches:
- path:
type: Exact
value: /tea
backendRefs:
- name: tea
port: 80
Apply it using kubectl:
kubectl apply -f cafe-routes.yaml
httproute.gateway.networking.k8s.io/coffee created
httproute.gateway.networking.k8s.io/tea created
Verify the configuration
You can check that all of the expected services are available using kubectl get:
kubectl get service --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default coffee ClusterIP 10.96.18.163 <none> 80/TCP 2m51s
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 4m41s
default tea ClusterIP 10.96.169.132 <none> 80/TCP 2m51s
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 4m40s
nginx-gateway nginx-gateway NodePort 10.96.186.45 <none> 80:31437/TCP,443:31438/TCP 3m6s
You can also use kubectl describe on the new resources to check their status:
kubectl describe httproutes
Name: coffee
Namespace: default
Labels: <none>
Annotations: <none>
API Version: gateway.networking.k8s.io/v1
Kind: HTTPRoute
Metadata:
Creation Timestamp: 2024-10-21T13:46:51Z
Generation: 1
Resource Version: 821
UID: cc591089-d3aa-44d3-a851-e2bbfa285029
Spec:
Hostnames:
cafe.example.com
Parent Refs:
Group: gateway.networking.k8s.io
Kind: Gateway
Name: gateway
Section Name: http
Rules:
Backend Refs:
Group:
Kind: Service
Name: coffee
Port: 80
Weight: 1
Matches:
Path:
Type: PathPrefix
Value: /coffee
Status:
Parents:
Conditions:
Last Transition Time: 2024-10-21T13:46:51Z
Message: The route is accepted
Observed Generation: 1
Reason: Accepted
Status: True
Type: Accepted
Last Transition Time: 2024-10-21T13:46:51Z
Message: All references are resolved
Observed Generation: 1
Reason: ResolvedRefs
Status: True
Type: ResolvedRefs
Controller Name: gateway.nginx.org/nginx-gateway-controller
Parent Ref:
Group: gateway.networking.k8s.io
Kind: Gateway
Name: gateway
Namespace: default
Section Name: http
Events: <none>
Name: tea
Namespace: default
Labels: <none>
Annotations: <none>
API Version: gateway.networking.k8s.io/v1
Kind: HTTPRoute
Metadata:
Creation Timestamp: 2024-10-21T13:46:51Z
Generation: 1
Resource Version: 823
UID: d72d2a19-1c4d-48c4-9808-5678cff6c331
Spec:
Hostnames:
cafe.example.com
Parent Refs:
Group: gateway.networking.k8s.io
Kind: Gateway
Name: gateway
Section Name: http
Rules:
Backend Refs:
Group:
Kind: Service
Name: tea
Port: 80
Weight: 1
Matches:
Path:
Type: Exact
Value: /tea
Status:
Parents:
Conditions:
Last Transition Time: 2024-10-21T13:46:51Z
Message: The route is accepted
Observed Generation: 1
Reason: Accepted
Status: True
Type: Accepted
Last Transition Time: 2024-10-21T13:46:51Z
Message: All references are resolved
Observed Generation: 1
Reason: ResolvedRefs
Status: True
Type: ResolvedRefs
Controller Name: gateway.nginx.org/nginx-gateway-controller
Parent Ref:
Group: gateway.networking.k8s.io
Kind: Gateway
Name: gateway
Namespace: default
Section Name: http
Events: <none>
kubectl describe gateways
Name: gateway
Namespace: default
Labels: <none>
Annotations: <none>
API Version: gateway.networking.k8s.io/v1
Kind: Gateway
Metadata:
Creation Timestamp: 2024-10-21T13:46:36Z
Generation: 1
Resource Version: 824
UID: 2ae8ec42-70eb-41a4-b249-3e47177aea48
Spec:
Gateway Class Name: nginx
Listeners:
Allowed Routes:
Namespaces:
From: Same
Hostname: *.example.com
Name: http
Port: 80
Protocol: HTTP
Status:
Addresses:
Type: IPAddress
Value: 10.244.0.5
Conditions:
Last Transition Time: 2024-10-21T13:46:51Z
Message: Gateway is accepted
Observed Generation: 1
Reason: Accepted
Status: True
Type: Accepted
Last Transition Time: 2024-10-21T13:46:51Z
Message: Gateway is programmed
Observed Generation: 1
Reason: Programmed
Status: True
Type: Programmed
Listeners:
Attached Routes: 2
Conditions:
Last Transition Time: 2024-10-21T13:46:51Z
Message: Listener is accepted
Observed Generation: 1
Reason: Accepted
Status: True
Type: Accepted
Last Transition Time: 2024-10-21T13:46:51Z
Message: Listener is programmed
Observed Generation: 1
Reason: Programmed
Status: True
Type: Programmed
Last Transition Time: 2024-10-21T13:46:51Z
Message: All references are resolved
Observed Generation: 1
Reason: ResolvedRefs
Status: True
Type: ResolvedRefs
Last Transition Time: 2024-10-21T13:46:51Z
Message: No conflicts
Observed Generation: 1
Reason: NoConflicts
Status: False
Type: Conflicted
Name: http
Supported Kinds:
Group: gateway.networking.k8s.io
Kind: HTTPRoute
Group: gateway.networking.k8s.io
Kind: GRPCRoute
Events: <none>
Test NGINX Gateway Fabric
By configuring the cluster with the ports 31437 and 31438, there is implicit port forwarding from your local machine to NodePort, allowing for direct communication to the NGINX Gateway Fabric service.
You can use curl to test the new services by targeting the hostname (cafe.example.com) with the /coffee and /tea paths:
curl --resolve cafe.example.com:8080:127.0.0.1 http://cafe.example.com:8080/coffee
Server address: 10.244.0.6:8080
Server name: coffee-6db967495b-wk2mm
Date: 21/Oct/2024:13:52:13 +0000
URI: /coffee
Request ID: fb226a54fd94f927b484dd31fb30e747
curl --resolve cafe.example.com:8080:127.0.0.1 http://cafe.example.com:8080/tea
Server address: 10.244.0.7:8080
Server name: tea-7b7d6c947d-d4qcf
Date: 21/Oct/2024:13:52:17 +0000
URI: /tea
Request ID: 43882f2f5794a1ee05d2ea017a035ce3
See also
- Install NGINX Gateway Fabric, for additional ways to install NGINX Gateway Fabric
- How-to guides, for configuring your cluster
- Traffic management, for more in-depth traffic management configuration
Last modified October 22, 2024