1. Deploying and Managing Oracle Unified Directory Services Manager on Kubernetes
  2. Installing Oracle Unified Directory Services Manager on Kubernetes
  3. Configuring Ingress
  4. Installing the NGINX Controller

8.3 Installing the NGINX Controller

To install the NGINX controller:
  1. Navigate to the $WORKDIR/kubernetes/helm14c/ and create a nginx-ingress-values-override.yaml that contains the following:

    Note:

    The configuration below:
    • Assumes that you have oudsm installed with value oudsm as a deployment/release name in the namespace oudsmns. If using a different deployment name and/or namespace change appropriately.
    • Deploys an ingress using LoadBalancer. If you prefer to use NodePort, change the configuration accordingly. For more details about NGINX configuration see: NGINX Ingress Controller. 
    controller:
  admissionWebhooks:
    enabled: false
  extraArgs:
    # The secret referred to by this flag contains the default certificate to be used when accessing the catch-all server.
    # If this flag is not provided NGINX will use a self-signed certificate.
    # If the TLS Secret is in different namespace, name can be mentioned as <namespace>/<tlsSecretName>
    default-ssl-certificate: oudsmns/oudsm-tls-cert
  service:
    # controller service external IP addresses
    # externalIPs:
    #  - < External IP Address >
    # To configure Ingress Controller Service as LoadBalancer type of Service
    # Based on the Kubernetes configuration, External LoadBalancer would be linked to the Ingress Controller Service
    type: LoadBalancer
    # Configuration for NodePort to be used for Ports exposed through Ingress
    # If NodePorts are not defined/configured, Node Port would be assigned automatically by Kubernetes
    # These NodePorts are helpful while accessing services directly through Ingress and without having External Load Balancer.
    nodePorts:
      # For HTTP Interface exposed through LoadBalancer/Ingress
      http: 30080
      # For HTTPS Interface exposed through LoadBalancer/Ingress
      https: 30443

    Note:

    If you do not have an external load balancer configured for your Kubernetes configuration, change type: LoadBalancer to type: NodePort.
  2. To install and configure NGINX Ingress issue the following commands:
    cd $WORKDIR/kubernetes/helm14c/
    helm install --namespace <namespace> \
--values nginx-ingress-values-override.yaml \
lbr-nginx stable/ingress-nginx \
--version 4.7.2
    Where:
    • lbr-nginx is your deployment name
    • stable/ingress-nginx is the chart reference
    For example: 
    cd $WORKDIR/kubernetes/helm14c/
    helm install --namespace mynginxns \
--values nginx-ingress-values-override.yaml \
lbr-nginx stable/ingress-nginx \
--version 4.7.2
    The output will look similar to the following:
    NAME: lbr-nginx
LAST DEPLOYED: <DATE>
NAMESPACE: mynginxns
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The ingress-nginx controller has been installed.
It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status by running 'kubectl --namespace mynginxns get services -o wide -w lbr-nginx-ingress-nginx-controller'
  
An example Ingress that makes use of the controller:
  apiVersion: networking.k8s.io/v1
  kind: Ingress
  metadata:
    name: example
    namespace: foo
  spec:
    ingressClassName: nginx
    rules:
      - host: www.example.com
        http:
          paths:
            - pathType: Prefix
              backend:
                service:
                  name: exampleService
                  port:
                    number: 80
              path: /
    # This section is only required if TLS is to be enabled for the Ingress
    tls:
      - hosts:
        - www.example.com
        secretName: example-tls

If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:

  apiVersion: v1
  kind: Secret
  metadata:
    name: example-tls
    namespace: foo
  data:
    tls.crt: <base64 encoded cert>
    tls.key: <base64 encoded key>
  type: kubernetes.io/tls