Really great tutorial dear Venkat. I have been spending a lot of time trying to learn Kubernetes lately and had been stuck with understanding Ingress controller for a while now, especially with the loadbalancer and its external IP part. I first came to this video and as per your suggestion, jumped to your video on setting up MetalLB and successfully set it up. After that I had no problems following the rest of this video. I now have a very good understanding of Ingress controller and would now head into more challenging use cases. Thanks a ton.
@@justmeandopensource Thank you for your response Venkat. I face one issue now and was hoping if you had the time to look at it. I have a deployment of grafana (container port 3000) and the service port is 8000. I tried configuring the ingress similar way how you showed for nginx, but it doesn't work. Do we need to define a new port in the ingress controller for service port 8000 ? I did try it, but it doesn't help. What helped is changing my service port to 80.
Hi Venkat. I just reconfigured my deployment and switched back to service port 8000, but modified the path in the ingress definition so that it is just "/" and now access to the service works fine. Not sure why i cannot give "/grafana" as the path. I have noticed that when i enter the "HOST/grafana", it gets redirected to "HOST/login". Is that the reason why /grafana path doesnt work ? I also tried to define two paths, but it doesnt work as well. I will keep trying.
Hi Venkat. I just reconfigured my deployment and switched back to service port 8000, but modified the path in the ingress definition so that it is just "/" and now access to the service works fine. Not sure why i cannot give "/grafana" as the path. I have noticed that when i enter the "HOST/grafana", it gets redirected to "HOST/login". Is that the reason why /grafana path doesnt work ? I also tried to define two paths, but it doesnt work as well. I will keep trying.
Hi, no matter whether you are using path based or host based ingress routing, internally ingress controller forwards the traffic to respective service and you can configure multiple services based on path. This process is also part of load balancing.
Hi Venkat, I have couple of doubts, 1. When I do a path based routing, I'm finding the CSS contents 404 but the main index.html page is working. 2. The default load balancer created of type Classic, can I change it to Aws application load balancer?
is there a way to avoid the port remapping? For example, what if I don't want to use localhost:80 but instead keep the same port that my original service is using? If I have a service called "yellow" and by default it runs on port 3000, can I still use the nginx ingress and do a `curl localhost:3000/yellow` or something like that? Hopefully this question makes sense. I'm asking because my "app" is actually an API and will break if the port is remapped.
Hi Venkat, Thanks for the nice videos,how is the IP assignment happening in ingress and Kubernetes as well,is it automatically assign randomly or can we set static IP ,if it is dynamic, very difficult to manage right in large environment, can you please share if you have any previous video or any other reference on IP management in Kubernetes.Thanks
Hi Muhammad, thanks for watching. It should be the same on any Kubernetes cluster. I have done a video on Traefik as well which you can watch in the below link. ruclips.net/video/A_PjjCM1eLA/видео.html Thanks.
Venkat..Your videos have deepened my understanding in k8s, one question related to this video...How to setup End to End SSL from Ingress to backend ? I see videos only with TLS offloading
Can you please share the difference between Kong Ingress Controller and Kong API gateway ? If both are same..how routes and services are managed ? Is it same like kong admin api and proxy api ?
Hi Krishna, thanks for watching. Kong ingress controller and api gateway are certainly different. There are various other features with Kong. I am yet to explore Kong and its in my list. Will cover it at some point. Cheers.
Hi Venkat thanks for nginx ingress video. I have multiple dobuts with nginx ingress.I am using AKS and created 5 Load balancer services for 5 microservice. automatically azure created a load balancer named kubernetes-internal(Azure load balancer) and all the remaining load balancers IPs was configured under frontend configuration in kubernetes-internal load balancer (Azure load balancer). Now while changing the health probes from TCP to http for kubernetes-internal(Azure load balancer), my application is not working. I tried to create http load balancer from master node but it accepts only TCP or UDP load balancers. In this scenario do I need to create nginx-ingress which will take http traffic from azure load balancer? If yes which method I should follow?
Hi, thanks for watching this video. I have no experience with Azure AKS. But see if the below documentation helps. docs.microsoft.com/en-us/azure/aks/ingress-tls In this article, the ingress-controller service is exposed as LoadBalancer and all your access to all the internal applications are through this load balancer IP. You don't have to expose all your 5 services as Load Balancer. As you mentioned that will create 5 load balancers. All your services needs to be only of type clusterIP. Nginx ingress controller would be the only one that needs load balancer and when you hit that load balancer, ingress controller will route the traffic to your internal services. You will have to map the ingress controller load balancer IP to preferred domain names. By doing that you can have just one load balancer service multiple domains. Thanks.
Hi Do you have a video for Deploy and use Nginx ingress controller on version >=1.18 As while deploying on 1.18, the nginx controller showing following error "Watching for Ingress" class="nginx" W0112 10:59:36.631050 6 flags.go:211] Ingresses with an empty class will also be processed by this Ingress controller Regards Zaheer
Excelent as always ! Now a question... If i put on the site a tsl secret, it will be declared at the ingress, not at the ingress-controller and not in the metallb no ?
@@justmeandopensource Thanks for always reply our questions !!! Another one... you dont have de yamls of nginx in your repository? i dont use helm :( ...
@@gouterelo Yamls for the nginx-ingress? I don't have them locally. Installed it using helm. You can just download the helm binary and do a dry run command to get the yamls you want.
Hi Siva, i have used metallb as loadbalancer and followed your video to expose the apps with host names but no luck becaz site is not reachable. with LB ip it's working fine...i made dns entry in /etc/hosts file too....i have used internal-ip for metallb is that causing the issue. any help ?
Hi Thanuja, thanks for watching. It should work as exactly shown in this video. So you were able to access your app using LB ip address but not through the hostname (even after adding the entry in /etc/hosts file)? What do you mean by ineternal-ip for metallb? And by the way how did you find me as Siva?
Hi, thanks so much for the video! I've found this really helpful. I have my load balancer deployed on a remote virtual machine. The load balancer has successfully provided an ExternalIP to the ingress controllers. when ssh'd into my virtual machine, I can curl my website just fine using the load balancer's IP. how do I go about exposing that IP to the internet so I can access my services from my local computer using the load balancer's vm's hostname?
Hi, Thanks for watching. Check the official page at metallb.universe.tf/ under Requirements section where it was mentioned metallb is supported from Kubernetes v1.13.0 and above. Cheers.
Hi first of all thank you for your great lecture of k8s I am trying to connect the websocket service using haproxy and nginx-ingress, but an error occurs during the websocket proxy process. Do I need to configure additional settings for haproxy websocket communication?
Hi, thanks for watching. I believe you will have to configure things differently if you were to access websockets. I haven't tried that yet unfortunately.
Hi, thanks for the clear explanation.... I am trying to implement ingress controller in my azure kubernetes cluster..... but unable to hit the load balancer endpoint.... can you make a video on AKS which would be very helpful.... thanks in advance
Super, this video is very useful for me. Thanks again 🙏, Just for information: i use this one for ip filtering in my infrastructure. metadata: annotations: nginx.ingress.kubernetes.io/whitelist-source-range:
@@sivaguruvinayagam7779 Don't be sorry. All the topics viewers are requesting are in my interest area and I can't wait to do those. By doing these I am learning as well.
Hi Seng, I guess that is normal on GKE which is a managed service. Hiwever my video is based on bare metal cluster where we have to take care of the haproxy load balancing ourselves. Cheers.
Hope this helps. Google Kubernetes Engine (GKE) provides a built-in and managed Ingress controller called GKE Ingress. This controller implements Ingress resources as Google Cloud load balancers for HTTP(S) workloads in GKE.
@@shanmugamn7916 Sorry. I meant that its in my to do list :) But I managed to record a video yesterday. As per schedule it will be released on 6th January. I can share it privately with you if you let me know your email address. Thanks.
@@justmeandopensource no worries, still very helpful. Btw, were you able to get path based routing with an external haproxy? The ingress works with external haproxy only for host based routing, but not path based, it works with metallb though deployed within the cluster itself.
Hi Raghu, thanks for watching. I guess you have to configure this on the keycloak side. May be this discussion might help you. stackoverflow.com/questions/45051923/keycloak-angular-no-access-control-allow-origin-header-is-present
Hi Joshu, thanks for watching. I basically used Zsh shell in a Gnome Terminal with oh-my-zsh and zsh-autosuggestions plugin for suggesting commands from my history. I have done a video on my terminal setup long time ago which isn't exactly what you see in this video but will give you an idea. ruclips.net/video/soAwUq2cQHQ/видео.html In this video, I used I3 Tiling window manager on Manjaro Linux. I have done a series of video on this as well but might need a little tweaking to get it working. ruclips.net/p/PL34sAs7_26wOgqJAHey16337dkqahonNX
Hi Atul, thanks for watching. Yes you can configure haproxy instead of metallb. I have done a video on that as well. You can watch it in the below link. ruclips.net/video/chwofyGr80c/видео.html Cheers.
Can you please create a video on nginx ingress control with Jenkins installation but not using helm for nginx ingress it should be your first video on nginx ingress with haproxy , nginx ingress and Jenkins please do it it's.......o
@@atulbarge5808 No worries. I will add it to my list. But I have loads of other topics which I am preparing at the moment that will be released before I can look into this.
Man your video helped me a lot. Though I am stuck, my website hosted via this nginx shows distorted. Root cause - JS and CSS files are sent out with text/html header from nginx!!!!! I googles a lot about this issue none of solutions worked!! any help!? I tried adding header in nginx.conf file for css and js folder.. etc.. none worked. BTW my hosting is on kubernetes
Nice explanation, I am able to follow the video. I am facing issue with ingress-resource-3 as path based routing for / is working but path based routing for /blue and /green is not working. I am getting error on default backend, please refer below. PS C:\Users\localadmin ginx-scripts\kubernetes\yamls\ingress-demo> kubectl create -f .\ingress-resource-3.yaml ingress.extensions/ingress-resource-3 created PS C:\Users\localadmin ginx-scripts\kubernetes\yamls\ingress-demo> kubectl describe ing ingress-resource-3 Name: ingress-resource-3 Namespace: default Address: Default backend: default-http-backend:80 () Rules: Host Path Backends ---- ---- -------- nginx.example.com / nginx-deploy-main:http (10.240.0.48:80) /blue nginx-deploy-blue:http (10.240.0.80:80) /green nginx-deploy-green:http (10.240.0.129:80) Annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/rewrite-target: / Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning Rejected 3s nginx-ingress-controller All hosts are taken by other resources
Amazing video! I'm having the following error: bind() to 0.0.0.0:80 failed(13: Permission denied). Looks like nginx doesn't has permission to bind to port 80. allowPrivilegeEscalation is true and the user is the default 33 (www-data). Does anyone have any suggestions?
Hi edbbyt, thanks for watching this video. Looks like docker issue on the worker node. github.com/kubernetes/ingress-nginx/issues/3858 What is your storage driver set to? Mine is set to Overlay2. ➜ ~ docker info | grep "Storage Driver" Storage Driver: overlay2 If possible can you change the storage driver and give it a try? Thanks.
@@justmeandopensource Maybe it's something with my cluster? It's a CNI based installation. I saw in the values file that the parameter "hostNetwork", must be true in that kind of installation but even setting to true it doesn't work. I'm using helm 3.0.1 and kubernetes server 1.16.3
@@edbbyt There were couple of workarounds mentioned in the below link. github.com/bitnami/bitnami-docker-nginx/issues/96 One of them was to run nginx as sudo by editing the yaml. And the other was to bind to higher ports that don't require root privilege. Basically any ports under 1024 requires root privilege for binding. May be the container image has been updated since I recorded this video.
@@justmeandopensource That's exactly where I'm struggling .. how to allocate public IP address range ? for example if I have 3 ec2 machines with ip addresses not in sequence ?!
Hi Randy, thanks for watching. If you are asking about the ingress controller, it is deployed via helm and at 6:18 you can see the deployment, pods, services created for it. There is loadbalancer type service created for the ingress controller and that is the one you will be using to access all your services via an ingress route.
paste.ubuntu.com/p/k88XZmHRZs/ Hi Venkat, I am following your series of videos. they are just amazing. your calm style of teaching is beautiful. I am stuck in a situation where I want to understand more about the backend service that is operating behind the ingress. Also, I did try to implement, but got the issue in my ingress. Why is it trying to find a default-http-backend? Please shed light on this ..
Hi Rahul, thanks for watching. I can give this a try but need to know how your set up is different to the one explained in this video? Did you follow the same steps as shown in this video? If so I can try it in my environment to see if its an issue or not. And I think your application and nginx ingress controllers are deployed in different namespaces. Can you just try deploying your apps in the same namespace as the ingress controller? I am not sure it thats the problem but give it a try.
I do love your clear explanation, but I got questions to ask. 1- I am trying to terminate ssl for ingress but it never exposes port 443 2- I am working on private cluster (1 master 2 nodes) on prime. I want to map a domain for my api but I am not sure which server ip should I map with domain name
Hi Phalla, thanks for watching. Once you deploy ingress controller (as a daemonset), you will have an ingress controller pod on each of your kubernetes node and that pod is bound to the host port 80 and 443. Basically you will have a separate load balancer that sends the traffic to all your worker nodes. You then create ingress resource with a domain name for example myservice.example.com. You will have to add an entry to your DNS for this domain name which will point to the load balancer.
![[ Kube 59.1 ] Nginx Ingress in Kubernetes Revisited](http://i.ytimg.com/vi/KnOZwxvxfnA/mqdefault.jpg)
![[ Kube 59.1 ] Nginx Ingress in Kubernetes Revisited](/img/tr.png)
![[ Kube 31 ] Set up Nginx Ingress in Kubernetes Bare Metal](http://i.ytimg.com/vi/chwofyGr80c/mqdefault.jpg)
![Gunna - HIM ALL ALONG [Official Visualizer]](http://i.ytimg.com/vi/HiCxoDeo0hc/mqdefault.jpg)
Exactly what I was looking for!
Glad you found what you wanted. Thanks for watching.
You are the best tutor i found for kubernetes. You are making everything easy and clear, wishing you a good life from Morocco
Hi Yassine, many Thanks for watching.
You are the best tutor i found for kubernetes. You made my kubernetes learning very easy
Hi Hitesh, many thanks for your interest in my videos. Glad you found it useful. Cheers.
Really great tutorial dear Venkat. I have been spending a lot of time trying to learn Kubernetes lately and had been stuck with understanding Ingress controller for a while now, especially with the loadbalancer and its external IP part. I first came to this video and as per your suggestion, jumped to your video on setting up MetalLB and successfully set it up. After that I had no problems following the rest of this video.
I now have a very good understanding of Ingress controller and would now head into more challenging use cases. Thanks a ton.
Hi Siva, many thanks for your interest in this channel. Glad it helped you. Cheers.
@@justmeandopensource Thank you for your response Venkat. I face one issue now and was hoping if you had the time to look at it. I have a deployment of grafana (container port 3000) and the service port is 8000. I tried configuring the ingress similar way how you showed for nginx, but it doesn't work. Do we need to define a new port in the ingress controller for service port 8000 ? I did try it, but it doesn't help. What helped is changing my service port to 80.
Hi Venkat. I just reconfigured my deployment and switched back to service port 8000, but modified the path in the ingress definition so that it is just "/" and now access to the service works fine. Not sure why i cannot give "/grafana" as the path. I have noticed that when i enter the "HOST/grafana", it gets redirected to "HOST/login". Is that the reason why /grafana path doesnt work ? I also tried to define two paths, but it doesnt work as well. I will keep trying.
Hi Venkat. I just reconfigured my deployment and switched back to service port 8000, but modified the path in the ingress definition so that it is just "/" and now access to the service works fine. Not sure why i cannot give "/grafana" as the path. I have noticed that when i enter the "HOST/grafana", it gets redirected to "HOST/login". Is that the reason why /grafana path doesnt work ? I also tried to define two paths, but it doesnt work as well. I will keep trying.
@@sivaramaraju3900 for path based ingress routing to work, you also need to add the annotations to ingress resource as shown in this video
Thankyou so much man for amazing lecture
Hi Shubham, thanks for watching.
thanks bro,got better clarity on ingress and LB
Thanks for watching.
This is a wonderful walk-through. Thank you!
Hi Anthony, thanks for watching.
I am planning to get JOB in Kubernetes, and i watch almost most your videos. Now i know much better then person working in company, LOL
Excellent video! Thank you!
Hi, thanks for watching.
man, you are doing a great job. your videos has a huge share in my kubernetes knowledge. please keep doing these videos. 😍
Hi Ahmed, thanks for your interest in this channel. Very glad to hear this.
It is really valuable tutorial and I have done almost everything but path based routing. the path base routing is not working in my case
Hi ,Nice explanation,we are only use ingress for path routing here ,then why we called it as nginx-ingress load balancer ?
Hi, no matter whether you are using path based or host based ingress routing, internally ingress controller forwards the traffic to respective service and you can configure multiple services based on path. This process is also part of load balancing.
Hi Venkat,
I have couple of doubts,
1. When I do a path based routing, I'm finding the CSS contents 404 but the main index.html page is working.
2. The default load balancer created of type Classic, can I change it to Aws application load balancer?
Very nice tutorial. May I know what terminal that is ?
Great tutorial!! Thanks for your efforts
is there a way to avoid the port remapping? For example, what if I don't want to use localhost:80 but instead keep the same port that my original service is using? If I have a service called "yellow" and by default it runs on port 3000, can I still use the nginx ingress and do a `curl localhost:3000/yellow` or something like that? Hopefully this question makes sense. I'm asking because my "app" is actually an API and will break if the port is remapped.
Great tutorial and thank you
Thanks for watching.
Can we have an updated video on this as I am struggling to understand annotations and ingress class?
Great Video, Thanks bro. What is the command line tool you are using?
Hi Venkat, Thanks for the nice videos,how is the IP assignment happening in ingress and Kubernetes as well,is it automatically assign randomly or can we set static IP ,if it is dynamic, very difficult to manage right in large environment, can you please share if you have any previous video or any other reference on IP management in Kubernetes.Thanks
thanks for nice explanations. Is the procedure same for traefik to use it as ingress controller in microk8s to host multiple websites in backend?
Hi Muhammad, thanks for watching. It should be the same on any Kubernetes cluster. I have done a video on Traefik as well which you can watch in the below link.
ruclips.net/video/A_PjjCM1eLA/видео.html
Thanks.
nice walkthrough , i have followed your video to make nginx ingress controller to work in AWS - EKS cluster -
Hi Jaya, thats good to hear. Thanks for watching. Cheers.
Venkat..Your videos have deepened my understanding in k8s, one question related to this video...How to setup End to End SSL from Ingress to backend ? I see videos only with TLS offloading
Can you please share the difference between Kong Ingress Controller and Kong API gateway ?
If both are same..how routes and services are managed ? Is it same like kong admin api and proxy api ?
Hi Krishna, thanks for watching. Kong ingress controller and api gateway are certainly different. There are various other features with Kong. I am yet to explore Kong and its in my list. Will cover it at some point. Cheers.
Great video thanks for sharing !!!!!!!!!
Hi Justin, thanks for watching.
Hey great content you got there. Could you make a video on how to use ingress-nginx for port routing?
Hi Sotiris, thanks for watching. What do you mean by port routing. Can you give an example? Cheers.
How do you enable http2 on LB->ingress->pod communication? It seems like ingress -> pod losses http2
Thanks for the knowledge sharing. Really helpful. I want to configure ingress for https with awk lb. How do it do that?
Hi Venkat thanks for nginx ingress video. I have multiple dobuts with nginx ingress.I am using AKS and created 5 Load balancer services for 5 microservice. automatically azure created a load balancer named kubernetes-internal(Azure load balancer) and all the remaining load balancers IPs was configured under frontend configuration in kubernetes-internal load balancer (Azure load balancer).
Now while changing the health probes from TCP to http for kubernetes-internal(Azure load balancer), my application is not working. I tried to create http load balancer from master node but it accepts only TCP or UDP load balancers. In this scenario do I need to create nginx-ingress which will take http traffic from azure load balancer? If yes which method I should follow?
Hi, thanks for watching this video. I have no experience with Azure AKS. But see if the below documentation helps.
docs.microsoft.com/en-us/azure/aks/ingress-tls
In this article, the ingress-controller service is exposed as LoadBalancer and all your access to all the internal applications are through this load balancer IP.
You don't have to expose all your 5 services as Load Balancer. As you mentioned that will create 5 load balancers. All your services needs to be only of type clusterIP. Nginx ingress controller would be the only one that needs load balancer and when you hit that load balancer, ingress controller will route the traffic to your internal services. You will have to map the ingress controller load balancer IP to preferred domain names. By doing that you can have just one load balancer service multiple domains.
Thanks.
@@justmeandopensource Thanks venkat for your response
@@PraveenKorvi you are welcome
Hi
Do you have a video for Deploy and use Nginx ingress controller on version >=1.18
As while deploying on 1.18, the nginx controller showing following error
"Watching for Ingress" class="nginx"
W0112 10:59:36.631050 6 flags.go:211] Ingresses with an empty class will also be processed by this Ingress controller
Regards
Zaheer
Hi Zaheer, thanks for watching. I did release another follow up video yesterday.
ruclips.net/video/UvwtALIb2U8/видео.html
Excelent as always ! Now a question... If i put on the site a tsl secret, it will be declared at the ingress, not at the ingress-controller and not in the metallb no ?
Yes, it will be defined in the ingress resource manifest.
@@justmeandopensource Thanks for always reply our questions !!! Another one... you dont have de yamls of nginx in your repository? i dont use helm :( ...
@@gouterelo Yamls for the nginx-ingress? I don't have them locally. Installed it using helm. You can just download the helm binary and do a dry run command to get the yamls you want.
@@justmeandopensource Just install helm and on plug in it transform al in a kustomize.yaml file :D Thanks for al Venkat !!!!
@@gouterelo you are welcome. Cheers.
Hi Siva, i have used metallb as loadbalancer and followed your video to expose the apps with host names but no luck becaz site is not reachable. with LB ip it's working fine...i made dns entry in /etc/hosts file too....i have used internal-ip for metallb is that causing the issue. any help ?
Hi Thanuja, thanks for watching. It should work as exactly shown in this video. So you were able to access your app using LB ip address but not through the hostname (even after adding the entry in /etc/hosts file)? What do you mean by ineternal-ip for metallb? And by the way how did you find me as Siva?
Hi, thanks so much for the video! I've found this really helpful. I have my load balancer deployed on a remote virtual machine. The load balancer has successfully provided an ExternalIP to the ingress controllers. when ssh'd into my virtual machine, I can curl my website just fine using the load balancer's IP. how do I go about exposing that IP to the internet so I can access my services from my local computer using the load balancer's vm's hostname?
Hi sir. can you guide me how to scale up and scale down in ingress with nginx
you are my guru.(dronacharya).. can you explain jenkins x tutorial for me
Thanks for watching this video and taking time to comment. Jenkins X will be a separate series I am planning on. Cheers.
What version of metalLB works with kubernetes 1.11?
Is there a page that shows which versions are compatible with ours?
Hi, Thanks for watching. Check the official page at metallb.universe.tf/ under Requirements section where it was mentioned metallb is supported from Kubernetes v1.13.0 and above. Cheers.
Hi first of all thank you for your great lecture of k8s
I am trying to connect the websocket service using haproxy and nginx-ingress, but an error occurs during the websocket proxy process.
Do I need to configure additional settings for haproxy websocket communication?
Hi, thanks for watching. I believe you will have to configure things differently if you were to access websockets. I haven't tried that yet unfortunately.
Do you have any example to forward raw tcp traffic using nginx ingress?
I have got 504 Gateway timeout Error , what can be done to ingress class to overcome this error
Is it possible to use an IP as host in an ingress nginx instead of a domain name?
Hi can we use ingress for url redirection. eg: /foo/item should go to /service/foo/item
Hi, thanks for the clear explanation.... I am trying to implement ingress controller in my azure kubernetes cluster..... but unable to hit the load balancer endpoint.... can you make a video on AKS which would be very helpful.... thanks in advance
Hi Shravani, thanks for watching. I was covering AWS and GCP and I will see if I get some time to dive in to AKS as well. Cheers.
What if the url in the blue service goes like /blue/show-color -> will redirect to /show-color inside the blue container ?
Becuase does not seem to working in mine at least
Brilliant
Hi Anzo, thanks for watching. Cheers.
Super, this video is very useful for me. Thanks again 🙏, Just for information: i use this one for ip filtering in my infrastructure.
metadata:
annotations:
nginx.ingress.kubernetes.io/whitelist-source-range:
Hi Siva, thanks for watching this video.
Can you please make some videos for Gitlab CI/CD, rabbitmq et redis’ i think is better to complete infra Kuberenetes.
I have Gitlab, Gitops, Spinnaker, Jenkins X and lots more. Wish I had 48 hours a day. Struggling to find time. Will get there for sure. Cheers.
i'm really sorry just a idée, i can understand well.
@@sivaguruvinayagam7779 Don't be sorry. All the topics viewers are requesting are in my interest area and I can't wait to do those. By doing these I am learning as well.
When i create the ingress-resources-1.yaml, i notice that my gke will assign the ingress an external IP address. Is this normal?
Hi Seng, I guess that is normal on GKE which is a managed service. Hiwever my video is based on bare metal cluster where we have to take care of the haproxy load balancing ourselves. Cheers.
Hope this helps.
Google Kubernetes Engine (GKE) provides a built-in and managed Ingress controller called GKE Ingress. This controller implements Ingress resources as Google Cloud load balancers for HTTP(S) workloads in GKE.
Can you explain what $1, $2 does
Nice video, Can pls make an video on RBAC access control
Sure. Thats in my list.
@@justmeandopensource i am unable to find in list , kindly share the video name pls .
@@shanmugamn7916 Sorry. I meant that its in my to do list :)
But I managed to record a video yesterday. As per schedule it will be released on 6th January. I can share it privately with you if you let me know your email address. Thanks.
@@justmeandopensource thanks, If possible to make video on taints, tolerance & node affinity pls.
@@justmeandopensource shanmugam.nsw@gmail.com
you said you will do ingress-nginx but went back to installing nginx-ingress right?
Hi, sorry I lost track of what I was saying in that video.
@@justmeandopensource no worries, still very helpful. Btw, were you able to get path based routing with an external haproxy? The ingress works with external haproxy only for host based routing, but not path based, it works with metallb though deployed within the cluster itself.
@@edufree565 Hmm. I haven't tried actually. In this video I used metallb. But I could give it a try. It should work.
Just me and Opensource pls record whenever you try. Thanks.
@@edufree565 Sure.
sir i am facing Cors origin No Allow-access_control_origin error from Angular ui to SSo keycloak, how to solve this
Hi Raghu, thanks for watching. I guess you have to configure this on the keycloak side.
May be this discussion might help you.
stackoverflow.com/questions/45051923/keycloak-angular-no-access-control-allow-origin-header-is-present
How do I get terminal like yours. It’s beautiful
Hi Joshu, thanks for watching. I basically used Zsh shell in a Gnome Terminal with oh-my-zsh and zsh-autosuggestions plugin for suggesting commands from my history.
I have done a video on my terminal setup long time ago which isn't exactly what you see in this video but will give you an idea.
ruclips.net/video/soAwUq2cQHQ/видео.html
In this video, I used I3 Tiling window manager on Manjaro Linux. I have done a series of video on this as well but might need a little tweaking to get it working.
ruclips.net/p/PL34sAs7_26wOgqJAHey16337dkqahonNX
well-explained!
Hi Eslam, thanks for watching this video.
why when i redirect to nginx.example.com/blue or green it give 404 error ?
Nevermind i found out that i install wrong version nginx inc, should be ingress-nginx
@@nguyenbao6753 Cool.
What changes if I use haproxy load balancer instead of metal lb and how to use haproxy for this vedio
Hi Atul, thanks for watching. Yes you can configure haproxy instead of metallb. I have done a video on that as well. You can watch it in the below link.
ruclips.net/video/chwofyGr80c/видео.html
Cheers.
Can you please create a video on nginx ingress control with Jenkins installation but not using helm for nginx ingress it should be your first video on nginx ingress with haproxy , nginx ingress and Jenkins please do it it's.......o
@@atulbarge5808 No worries. I will add it to my list. But I have loads of other topics which I am preparing at the moment that will be released before I can look into this.
@@justmeandopensource ok will wait for that actually I am stuck when I am trying to use same for my production .
@@atulbarge5808 Sure.
Man your video helped me a lot. Though I am stuck, my website hosted via this nginx shows distorted. Root cause - JS and CSS files are sent out with text/html header from nginx!!!!! I googles a lot about this issue none of solutions worked!! any help!?
I tried adding header in nginx.conf file for css and js folder.. etc.. none worked. BTW my hosting is on kubernetes
Nice vide! good job!
Can it be done on kubernetes which is on VMware?
You can deploy this on any kubernetes cluster. Thanks for watching. Cheers.
@@justmeandopensource Thank you. 🙏
@@nagachaitanyab3363 You are welcome.
Can you please explain nlb ingress controller..In eks
I can give it a try. Cheers.
great :)
Hi Hemant, thanks for watching.
Nice explanation, I am able to follow the video. I am facing issue with ingress-resource-3 as path based routing for / is working but path based routing for /blue and /green is not working. I am getting error on default backend, please refer below.
PS C:\Users\localadmin
ginx-scripts\kubernetes\yamls\ingress-demo> kubectl create -f .\ingress-resource-3.yaml
ingress.extensions/ingress-resource-3 created
PS C:\Users\localadmin
ginx-scripts\kubernetes\yamls\ingress-demo> kubectl describe ing ingress-resource-3
Name: ingress-resource-3
Namespace: default
Address:
Default backend: default-http-backend:80 ()
Rules:
Host Path Backends
---- ---- --------
nginx.example.com
/ nginx-deploy-main:http (10.240.0.48:80)
/blue nginx-deploy-blue:http (10.240.0.80:80)
/green nginx-deploy-green:http (10.240.0.129:80)
Annotations: kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning Rejected 3s nginx-ingress-controller All hosts are taken by other resources
Can you explain sticky sessions with nginx ingress? I've trying all and I can't got it
Hi, I will have to play with it first in order to comment. I will see if I can find some time for this. Cheers.
@@justmeandopensource Great! I try with nginx, traefik, gke ingress and nothing
@@PabloVidalOtero Hmm. Right.
Amazing video! I'm having the following error: bind() to 0.0.0.0:80 failed(13: Permission denied). Looks like nginx doesn't has permission to bind to port 80. allowPrivilegeEscalation is true and the user is the default 33 (www-data). Does anyone have any suggestions?
Hi edbbyt, thanks for watching this video. Looks like docker issue on the worker node.
github.com/kubernetes/ingress-nginx/issues/3858
What is your storage driver set to? Mine is set to Overlay2.
➜ ~ docker info | grep "Storage Driver"
Storage Driver: overlay2
If possible can you change the storage driver and give it a try?
Thanks.
@@justmeandopensource Mine is overlay2 too :-(
Server Version: 18.09.7
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
@@justmeandopensource Maybe it's something with my cluster? It's a CNI based installation. I saw in the values file that the parameter "hostNetwork", must be true in that kind of installation but even setting to true it doesn't work.
I'm using helm 3.0.1 and kubernetes server 1.16.3
@@edbbyt There were couple of workarounds mentioned in the below link.
github.com/bitnami/bitnami-docker-nginx/issues/96
One of them was to run nginx as sudo by editing the yaml. And the other was to bind to higher ports that don't require root privilege. Basically any ports under 1024 requires root privilege for binding. May be the container image has been updated since I recorded this video.
@@justmeandopensource Is there any problem if I run it with root privileges?
How to make this work in production ?!
Hi Nur, thanks for watching.
Its mostly the same steps. However for true HA, you will have to make sure your HAProxy load balancer is also HA ready.
Just me and Opensource could you explain more please ... I tried loadbalancer with external Ip address but it doesn’t work
Did you set up metallb? Thats how you can use load blancer with external ip on bare metals.
@@justmeandopensource That's exactly where I'm struggling .. how to allocate public IP address range ? for example if I have 3 ec2 machines with ip addresses not in sequence ?!
How we can get load balancing between this 3 services?
Hi Timotey, thanks for watching. You are already load balancing using service resource. The service will load balance the request to the backend pods.
no need to create a service? only deployment?
Hi Randy, thanks for watching. If you are asking about the ingress controller, it is deployed via helm and at 6:18 you can see the deployment, pods, services created for it. There is loadbalancer type service created for the ingress controller and that is the one you will be using to access all your services via an ingress route.
@@justmeandopensource thank you for the response, I mean yaml file of main, blue and green.
@@randythamrin5976 Starting at 10:21, you can see I ran three kubectl expose commands to create clusterip service for the three nginx deployment.
@@justmeandopensource Thank you, I do understand now before I Don't really get what expose command for.
@@randythamrin5976 No worries.
referring to 6:49 as it auto assigns external ip how do i give my own static ip so it wont change ever
I am also looking for same solution. Somehow patching is not working
Venkay: can you please provde inputs
paste.ubuntu.com/p/k88XZmHRZs/
Hi Venkat,
I am following your series of videos. they are just amazing. your calm style of teaching is beautiful.
I am stuck in a situation where I want to understand more about the backend service that is operating behind the ingress. Also, I did try to implement, but got the issue in my ingress. Why is it trying to find a default-http-backend?
Please shed light on this ..
Hi Rahul, thanks for watching. I can give this a try but need to know how your set up is different to the one explained in this video? Did you follow the same steps as shown in this video?
If so I can try it in my environment to see if its an issue or not. And I think your application and nginx ingress controllers are deployed in different namespaces. Can you just try deploying your apps in the same namespace as the ingress controller? I am not sure it thats the problem but give it a try.
Anyone thinking about the nginx-ingress DEPRECATED thing.
helm repo add ingress-nginx kubernetes.github.io/ingress-nginx
helm repo add stable kubernetes-charts.storage.googleapis.com/
helm repo update
To install:
helm install [RELEASE_NAME] ingress-nginx/ingress-nginx
Source:
artifacthub.io/packages/helm/ingress-nginx/ingress-nginx
Hi Rahul, thanks for sharing this.
I do love your clear explanation, but I got questions to ask.
1- I am trying to terminate ssl for ingress but it never exposes port 443
2- I am working on private cluster (1 master 2 nodes) on prime. I want to map a domain for my api but I am not sure which server ip should I map with domain name
Hi Phalla, thanks for watching.
Once you deploy ingress controller (as a daemonset), you will have an ingress controller pod on each of your kubernetes node and that pod is bound to the host port 80 and 443. Basically you will have a separate load balancer that sends the traffic to all your worker nodes. You then create ingress resource with a domain name for example myservice.example.com. You will have to add an entry to your DNS for this domain name which will point to the load balancer.
@@justmeandopensource crystal clear, thank
@@phalla6646 No worries. You are welcome.