Search code examples
azureazure-aksnginx-ingress

Ingress Nginx external IP set not working

I'm trying to make Ingress use external IP i have created in Azure

First I have created an IP in the portal and added my AKS service as network contributor, then added it in the values file used by HELM

# -- List of IP addresses at which the controller services are available
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
##
externalIPs: ["20.124.63.xxx"]

# -- Used by cloud providers to connect the resulting `LoadBalancer` to a pre-existing static IP according to https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
loadBalancerIP: ""
loadBalancerSourceRanges: []

enableHttp: true
enableHttps: true

But after deployment, my ingress gets two external IPs, and the one set by me does not work at all, only automatically generated works: Two IPs

My config looks like this, so I think running this as loadbalancer is not exactly possible:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: hello-world-ingress
  namespace: default
  annotations:
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/use-regex: "true"
    nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
  ingressClassName: nginx
  rules:
  - host: xxx.com
    http:
      paths:
      - path: /(.*)
        pathType: Prefix
        backend:
          service:
            name: aks-one
            port:
              number: 80

  - host: xxx.com
    http:
      paths:
      - path: /(.*)
        pathType: Prefix
        backend:
          service:
            name: aks-two
            port:
              number: 80

I would like to use static IP I have created to access my Ingress, what should I do to achieve that?

Solution

  • Exposing the Service of your ingress controller with your public ip can be done like this:

    apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/azure-load-balancer-resource-group: myResourceGroup # only needed if the LB is in another RG
  name: ingress-nginx-controller
spec:
  loadBalancerIP: <YOUR_STATIC_IP>
  type: LoadBalancer

    Azure now will spin-up a LoadBalancer with your public IP.

    The Ingress Controller then will route incoming traffic to your apps with an Ingress resource:

    apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: minimal-ingress
spec:
  ingressClassName: nginx # ingress-nginx specifix
  rules:
  - http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: test
            port:
              number: 80