AKS and Helm Charts: Ingress Controllers

This is a post I’ve been meaning to write for a long time. In several of my demos, many of you who follow me have seen how I use the following two helm charts to deploy new helm charts on my Kubernetes cluster that route traffic to my nginx ingress controller (LoadBalancer) and pull a valid SSL cert from Let’s Encrypt through the Kube Lego deployment (pod). I want to briefly explain how that’s all working.

https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress

https://github.com/kubernetes/charts/tree/master/stable/kube-lego

First, you can find out about how to setup both charts in my previous blog post. Once you’ve configured both charts and made a record with your domain registrar, you’re ready to follow along.

The way I’ve configured my nginx/kube-lego setup is as follows:

  1. Pointed Google DNS Namespace record to Azure DNS az.jessicadeen.com
  2. From Azure DNS, created an A record pointing to my nginx ingress within my K8s cluster
    1. For this, I used a wildcard *.k8s

What this means is anytime I register anything with .k8s.az.jessicadeen as the suffix (I.E bob.k8s.az.jessicadeen.com) between Google DNS and Azure DNS, traffic is routed to my nginx ingress controller in my Kubernetes cluster.

Huge shoutout to Lachie Evenson for introducing me to this setup!

Now, of course, I do have to ensure my helm charts have the ingress enabled and have the proper ingress.yaml file configured. If you have seen my Build demo with Abel Wang, here are the code snippets I used:

You’ll notice – all this code does is enable the ingress as part of the Kubernetes deployment with Helm and then the ingress.yaml (which is parameterized) says if the value is enabled, then fill out the following data such as rules to route the host (ingress.hostname) to the http path of /.

That’s it!

Reminder: All of my posts are provided "AS IS", imply no warranties, and confer no rights or special privileges. Use of included postings, code samples and other works are subject to the terms specified at Microsoft. For more information, click here.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.