Installation with the NGINX Ingress Operator
This document describes how to install the NGINX Ingress Controller in your Kubernetes cluster using the NGINX Ingress Operator.
Note:
An NGINX Ingress Operator version compatible with the 3.1.1 NGINX Ingress Controller release is not available yet. We will update this document and remove this note once we publish a compatible Operator version.
This document describes how to install the F5 NGINX Ingress Controller in your Kubernetes cluster using the NGINX Ingress Operator.
Prerequisites
- Make sure you have access to the Ingress Controller image:
- For NGINX Ingress Controller, use the image
nginx/nginx-ingress
from DockerHub. - For NGINX Plus Ingress Controller, see here for details on how to pull the image from the F5 Docker registry.
- To pull from the F5 Container registry, configure a docker registry secret using your JWT token from the MyF5 portal by following the instructions from here.
- It is also possible to build your own image and push it to your private Docker registry by following the instructions from here.
- For NGINX Ingress Controller, use the image
- Install the NGINX Ingress Operator following the instructions.
- Create the SecurityContextConstraint as outlined in the “Getting Started” instructions.
1. Create the NginxIngressController manifest
Create a manifest nginx-ingress-controller.yaml
with the following content:
apiVersion: charts.nginx.org/v1alpha1
kind: NginxIngress
metadata:
name: nginxingress-sample
namespace: nginx-ingress
spec:
controller:
defaultTLS:
secret: ""
image:
pullPolicy: IfNotPresent
repository: nginx/nginx-ingress
tag: 3.1.1-ubi
ingressClass: nginx
kind: deployment
nginxplus: false
replicaCount: 1
serviceAccount:
imagePullSecretName: ""
Note: For NGINX Plus, change the image.repository
and image.tag
values and change nginxPlus
to True
. If required, set the serviceAccount.imagePullSecretName
to the name of the precreated docker config secret that should be associated with the ServiceAccount.
2. Create the NginxIngressController
$ kubectl apply -f nginx-ingress-controller.yaml
A new instance of the NGINX Ingress Controller will be deployed by the NGINX Ingress Operator in the default
namespace with default parameters.
To configure other parameters of the NginxIngressController resource, check the documentation.
Note: Some users reported an OOMkilled
error when they deployed the NGINX Ingress Operator in a large cluster with multiple namespaces and Kubernetes objects. This is due to the helm operator caching every Kubernetes object in the cluster, and thus consuming too much system memory. If you encounter this issue, consider setting the operator to only watch one namespace. If watching multiple namespaces is required in your use case, try manually increasing the memory limit for the operator. Note that the value might be overwritten after a release update. We are working with the OpenShift team to resolve this issue.