Configure microk8s NGINX Ingress

This is a very simple and short tutorial which helps you configure your NGINX Ingress on microk8s. A common use case is enabling the use-forwarded-headers flag so that NGINX passes incoming X-Forwarded-* headers to upstreams.

Verify Addon Presence

Let’s verify that the our ingress addon is enabled and running.

root@ubuntu:~# microk8s enable ingress
Addon ingress is already enabled.

root@ubuntu:~# microk8s.kubectl get pods -A | grep ingress
ingress        nginx-ingress-microk8s-controller-8c2bd    1/1     Running   ...

root@ubuntu:~# curl
<head><title>404 Not Found</title></head>
<center><h1>404 Not Found</h1></center>

As you can see we first check that the add on is enabled. Then, we verify the relevant pods are up and running. Finally, we do a local HTTP request to check if effectively NGINX is serving our requests. At the time of writing, the ingress addon is automatically exposing NGINX on port 80 and 443.

Notice that the pod is running in the ingress namespace. We will use this in the next step.

Find ConfigMaps

We now want to find which configuration maps were setup for the NGINX Ingress.

root@ubuntu:~# microk8s.kubectl -n ingress get configmaps
NAME                                DATA   AGE
kube-root-ca.crt                    1      4d11h
nginx-load-balancer-microk8s-conf   0      4d11h
nginx-ingress-tcp-microk8s-conf     0      4d11h
nginx-ingress-udp-microk8s-conf     0      4d11h
ingress-controller-leader           0      4d11h

We have three ConfigMaps already setup.

nginx-load-balancer-microk8s-conf is best used to enable any configuration option we want on NGINX.

nginx-ingress-tcp-microk8s-conf and nginx-ingress-udp-microk8s-conf are used to expose services over protocols other than HTTP as described in this other tutorial: Expose TCP and UDP services with the Kubernetes Nginx Ingress Controller.

Editing the ConfigMaps

We will now edit one of the ConfigMaps to set the use-forwarded-headers to true.

root@ubuntu:~# microk8s.kubectl -n ingress edit configmaps nginx-load-balancer-microk8s-conf

You will be shown the ConfigMap in YAML that you can edit. I commented the lines you need to add.

apiVersion: v1
kind: ConfigMap
data: #add
  use-forwarded-headers: "true" #add
  annotations: |
  creationTimestamp: "2022-03-22T17:56:51Z"
  name: nginx-load-balancer-microk8s-conf
  namespace: ingress
  resourceVersion: "666"
  selfLink: /api/v1/namespaces/ingress/configmaps/nginx-load-balancer-microk8s-conf
  uid: 1cf017c4-505a-47f1-8ff6-6dc93efd853d

Verify the configuration change was detected

We will now check the logs of the actual Pod running as the ingress controller. In your environment the Pod name will be different, make sure to use the correct one.

root@ubuntu:~# microk8s.kubectl -n ingress get pods
NAME                                      READY   STATUS    RESTARTS       AGE
nginx-ingress-microk8s-controller-8c2bd   1/1     Running   2 (3d1h ago)   4d12h

root@ubuntu:~# microk8s.kubectl -n ingress logs <your pod name here> | grep reload
I0327 06:10:55.807716       7 controller.go:155] "Configuration changes detected, backend reload required"
I0327 06:10:55.879639       7 controller.go:172] "Backend successfully reloaded"
I0327 06:10:55.879811       7 event.go:282] Event(v1.ObjectReference{Kind:"Pod", Namespace:"ingress", Name:"nginx-ingress-microk8s-controller-8c2bd", UID:"fbc5a43f-780c-4f9e-bcaf-edbbce4b61a8", APIVersion:"v1", ResourceVersion:"257743", FieldPath:""}): type: 'Normal' reason: 'RELOAD' NGINX reload triggered due to a change in configuration


Done! That was easy!

Hope you enjoyed it and let me know if you want to tackle some other topic in particular!