How to create nginx ingress controller for private AKS cluster

Question

Am looking for any options on creating creating nginx ingress controller for private AKS cluster. The microsoft documents only mentions about the public cluster.

Thanks Raam

Answer 1

A private AKS cluster is a cluster where the API endpoint is private (so the masters), but not the node pools with the actual workloads (https://learn.microsoft.com/en-us/azure/aks/private-clusters).

To install an NGINX ingress just follow the normal installation flow and it will work - but of course you will have to connect to your cluster using a valid method like a VM in the same VNET, for example.

If what you want to do is to create an ingress that is accessible only from inside your VNET, what you need is an ingress associated with an internal load balancer (https://learn.microsoft.com/en-us/azure/aks/ingress-internal-ip).

For NGINX with HELM

Create a file called internal-ingress.yaml with this content:

controller:
  service:
    loadBalancerIP: YOUR_PRIVATE_IP_HERE
    annotations:
      service.beta.kubernetes.io/azure-load-balancer-internal: "true"

Then install NGINX with HELM applying the file in question:

# Create a namespace for your ingress resources
kubectl create namespace ingress-basic

# Add the ingress-nginx repository
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx

# Use Helm to deploy an NGINX ingress controller
helm install nginx-ingress ingress-nginx/ingress-nginx \
    --namespace ingress-basic \
    -f internal-ingress.yaml \
    --set controller.replicaCount=2 \
    --set controller.nodeSelector."beta\.kubernetes\.io/os"=linux \
    --set defaultBackend.nodeSelector."beta\.kubernetes\.io/os"=linux \
    --set controller.admissionWebhooks.patch.nodeSelector."beta\.kubernetes\.io/os"=linux