Tags: ingress, nginx, network
TABLE OF CONTENTS
Overview
The problem manifests itself as ingress rules without ingress controller load balancer IP in the status field when two or more nginx ingress controllers helm chart releases serving different ingress classes are deployed in the same cluster.
The problem is due to the fact that the nginx ingress controller helm chart uses fixed default value for electionID parameter.
This leads to a situation where only one common leader is elected among all instances of ingress controllers, even if they serve different ingress classes.
As a result, only ingresses of the ingress class served by the ingress controller leader instance can be updated with corresponding ingress controller LoadBalancer IP.
Solution
To ensure that multiple nginx ingress controller releases do not conflict in the same cluster, make sure that they serve different ingress classes and have different electionID values configured.
The following example shows two additional nginx ingress controllers deployed in the same cluster:
spec:
packages:
my-ingress1:
chart:
url: 'https://github.com/kubernetes/ingress-nginx/releases/download/helm-chart-4.0.12/ingress-nginx-4.0.12.tgz'
helmVersion: v3.7.1
namespace: kube-system
releaseName: my-ingress1-nginx
values:
controller:
electionID: my-ingress1-controller-leader
ingressClassResource:
controllerValue: k8s.io/my-ingress1-nginx
default: false
enabled: true
name: my-ingress1-nginx
my-ingress2:
chart:
url: 'https://github.com/kubernetes/ingress-nginx/releases/download/helm-chart-4.0.12/ingress-nginx-4.0.12.tgz'
helmVersion: v3.7.1
namespace: kube-system
releaseName: my-ingress2-nginx
values:
controller:
electionID: my-ingress2-controller-leader
ingressClassResource:
controllerValue: k8s.io/my-ingress2-nginx
default: false
enabled: true
name: my-ingress2-nginxNote that Kublr standard ingress controller uses the same nginx ingress controller helm chart, therefore considerations described in this article are applicable to it as well.
When enabled, Kublr standard nginx ingress controller uses the following parameter values:
- ingress class: nginx
- controller value: k8s.io/ingress-nginx
- election ID: ingress-controller-leader
- default: true (process all ingress rules without ingress class specified)
When deploying additional nginx ingress controllers together with the standard Kublr nginx ingress controller, it is recommended to select and specify different ingress class and electionID values.
If it is not possible for any reason, default Kublr ingress controller electionID value my be overridden as follows:
spec:
features:
ingress:
values:
nginx-ingress:
controller:
electionID: alternate-ingress-controller-leaderReferences
- https://support.kublr.com/support/solutions/articles/33000257047-customize-ingress-and-ingress-controller-configuration
- https://github.com/kubernetes/ingress-nginx
- https://github.com/kubernetes/ingress-nginx/blob/main/charts/ingress-nginx/values.yaml
- https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-helm/#configuration