Ingress missing associated address ELB

0 votes

I'm trying to assign a certificate and secure it with TLS/HTTPS. Initially I setup nginx-ingress on EKS using Helm

I tried to get the sample app working (cafe) using the following config:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: cafe-ingress
spec:
  tls:
  - hosts:
    - cafe.example.com
    secretName: cafe-secret
  rules:
  - host: cafe.example.com
    http:
      paths:
      - path: /tea
        backend:
          serviceName: tea-svc
          servicePort: 80
      - path: /coffee
        backend:
          serviceName: coffee-svc
          servicePort: 80

The ingress and all supported services/deploys worked fine but there's one major thing missing: the ingress doesn't have an associated address/ELB:

NAME           HOSTS                 ADDRESS   PORTS     AGE
cafe-ingress   cafe.example.com                80, 443   12h

Service LoadBalancers create ELB resources, i.e.:

testnodeapp    LoadBalancer   172.20.4.161     a64b46f3588fe...   80:32107/TCP     13h

However, the Ingress is not creating an address. How do I get an Ingress controller exposed externally on EKS to handle TLS/HTTPS?

Sep 10, 2018 in Kubernetes by lina
• 8,220 points
1,354 views

1 answer to this question.

0 votes

To get up and running on EKS:

  1. Deploy EKS using the CloudFormation template here: Keep in mind that I've restricted access with the CidrIp: 193.22.12.32/32. Change this to suit your needs.

  2. Install Client Tools. Follow the guide here.

  3. Configure the client. Follow the guide here.
  4. Enable the worker nodes. Follow the guide here

You can verify that the cluster is up and running and you are pointing to it by running:

kubectl get svc

Deploy nginx-ingress:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/mandatory.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/provider/cloud-generic.yaml

Fetch rbac.yml

kubectl apply -f rbac.yml

Have a certificate and key ready for testing. Create the necessary secret like so:

kubectl create secret tls cafe-secret --key mycert.key --cert mycert.crt -n ingress-nginx

Copy coffee.yml from here. Copy coffee-ingress.yml from here. Update the domain you want to run this under. Run them like so

kubectl apply -f coffee.yaml
kubectl apply -f coffee-ingress.yaml

Update the CNAME for your domain to point to the ADDRESS for:

kubectl get ing -n ingress-nginx -o wide

Refresh DNS cache and test the domain. You should get a secure page with request stats. I've replicated this multiple times so if it fails to work for you check the steps, config, and certificate. Also, check the logs on the nginx-ingress-controller* pod.

kubectl logs pod/nginx-ingress-controller-*********** -n ingress-nginx
answered Sep 10, 2018 by Kalgi
• 52,350 points

Related Questions In Kubernetes

0 votes
1 answer

Getting the pod's ip address for the container inside of it

You can make sure that the replication ...READ MORE

answered Aug 24, 2018 in Kubernetes by DareDev
• 6,890 points
2,880 views
0 votes
1 answer

Pods IP address from inside a container in the pod

Make sure that your pod yaml file ...READ MORE

answered Aug 29, 2018 in Kubernetes by Kalgi
• 52,350 points
2,437 views
0 votes
1 answer

Forcing ssl for Kubernetes Ingress on GKE

https://github.com/kubernetes/ingress-gce#frontend-https If you want to block http, you ...READ MORE

answered Sep 6, 2018 in Kubernetes by ajs3033
• 7,300 points
4,226 views
0 votes
2 answers

Deny access to some specific paths while using kubernetes ingress

Try to create two Ingresses first by default ...READ MORE

answered Sep 21, 2018 in Kubernetes by Nilesh
• 7,060 points
12,063 views
+1 vote
1 answer
0 votes
3 answers

Error while joining cluster with node

Hi Kalgi after following above steps it ...READ MORE

answered Jan 17, 2019 in Others by anonymous
15,477 views
+15 votes
2 answers

Git management technique when there are multiple customers and need multiple customization?

Consider this - In 'extended' Git-Flow, (Git-Multi-Flow, ...READ MORE

answered Mar 27, 2018 in DevOps & Agile by DragonLord999
• 8,450 points
4,035 views
0 votes
1 answer

Kubernetes: Ingress doesn't set IP address

You must set up an ingress controller ...READ MORE

answered Sep 12, 2018 in Kubernetes by Kalgi
• 52,350 points
1,730 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP