We saw in many posts of this blog, where we were installing a K8s cluster, how to install an NGINX ingress controller with just one command:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.0/deploy/static/provider/cloud/deploy.yaml
In this post, we will see another way to install NGINX. But, before that, why would we install it differently if we just run one command with the previous method?
Why using Helm
The way we’ve been installing NGINX in all of our K8s installations was deploying NGINX with a default configuration. However, in many situations, we will need to customize this installation and modify values in the manifests of the different K8s resources that get created during the NGINX deployment.
Some examples:
- We might need to change the number of replicas to run the controller
- We might need to use an existing Load Balancer instead of creating a new one in our cloud provider
- We might need to adjust the Resource Limits and set different values for CPU and memory requests/limits
- We might need to add custom annotations to enable specific features of NGINX (like sticky sessions, custom headers or SSL/TLS configuration) or specific features of the cloud provider
- As we’ll see in a different post, we might need to use more than one ingress controller to segregate internal and external traffic
Making changes for these scenarios will require us manually modifying the yaml files of the NGINX deployment. And this is when Helm becomes a very handy tool.
Helm allows us to use the NGINX chart and make these changes in the values.yaml file as opposed to modifying directly the manifest files.
The values.yaml file is the way Helm parametrizes the installation of all resources, externalizing the values we want to modify to a yaml file, which allows us to control much more the changes to be applied. It will also help us to set a version control and be able know what changes we applied on each update and revert back to a previous deploy if necessary.
Now that we know why, let’s see how to install NGINX with Helm. These are the steps to follow
Install K3s without Traefik
The first thing we need is a K8s cluster. Since we just need to test NGINX we don’t need a full EKS, AKS or OpenShift. We can just use a quick and simple K3s cluster. For that we will install a K3s without Traefik. As we saw in this post, we just need to run this command:
curl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE="644" INSTALL_K3S_VERSION=<VERSION> INSTALL_K3S_EXEC="--disable traefik" sh -s -
Verify the cluster is running with kubectl get nodes
And lastly, verify that traefik has not been installed with
kubectl get pods -n kube-system
. You should not see any pod related to traefik in the kube-system
namespace.
Install Helm
Follow the steps:- add the gpg key of helm to our repositories
curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | sudo tee /usr/share/keyrings/helm.gpg > /dev/null
- Install the additional components required by Helm
sudo apt-get install apt-transport-https
- Install Helm
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helm
- Verify installation
helm version
- Set up the KUBECONFIG variable so that Helm can connect to the K3s cluster
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
NGINX Basic Installation with Helm
- Add the nginx repository to helm
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
- Verify that the new repo is in the list of repos of your Helm installation
helm repo list
- update the new repo
helm repo update
- We’ll create a dedicated namespace for all the ingress resources called ingress-nginx
kubectl create ns ingress-nginx
- And finally, we’ll run the helm command to install the NGINX
helm install ingress-nginx ingress-nginx/ingress-nginx \
--namespace ingress-nginx \
--set controller.ingressClassResourcename=nignx
- The Controller can be configured to publish the IP address on each Ingress by setting the
controller.publishService.enabled
parameter totrue
duringhelm install
. It is recommended to enable this setting to support applications that may depend on the IP address of the Load Balancer.
- Verify NGINX is running
kubectl get all -n ingress-nginx
- This will automatically create a Load Balancer. Wait until the
<pending> state
of theEXTERNAL-IP
column changes to the IP address. Verify that with
kubectl get svc -n ingress-nginx