https://pulumi.com logo
#kubernetes
Title
# kubernetes
s

sparse-spring-91820

12/06/2021, 11:12 PM
I know that issue is not related to Pulumi itself but maybe someone faced the same issue and know solution. I am trying to create ingress-nginx controller for each namespace (dev, staging, prod) and I got errors saying that
"nginx-ingress-nginx-admission" already exists
etc. I added:
Copy code
values: {
    controller: {
      ingressClassResource: {
        name,
        enabled: true,
        default: false,
        controllerValue: `<http://k8s.io/${currentStack}-ingress-nginx|k8s.io/${currentStack}-ingress-nginx>`
      },
  ...
config as described in docs: https://kubernetes.github.io/ingress-nginx/user-guide/multiple-ingress/ . Also I added
Copy code
ingressClassName: name,
to the Ingress rule but still doesn't work. Does anyone know solution? Thanks 🙌
b

billowy-army-68599

12/06/2021, 11:28 PM
an you share your full code?
s

sparse-spring-91820

12/06/2021, 11:40 PM
Copy code
const name = `nginx-${currentStack}`;

const nginx = new k8s.helm.v3.Chart('nginx', {
  namespace,
  chart: 'ingress-nginx',
  version: '4.0.6',
  fetchOpts: { repo: '<https://kubernetes.github.io/ingress-nginx>' },
  values: {
    controller: {
      ingressClassResource: {
        name,
        enabled: true,
        default: false,
        controllerValue: `<http://k8s.io/${currentStack}-ingress-nginx|k8s.io/${currentStack}-ingress-nginx>`
      },
      service: {
        targetPorts: {
          http: 'http',
          https: 'http'
        },
        annotations: {
          '<http://service.beta.kubernetes.io/aws-load-balancer-ssl-cert|service.beta.kubernetes.io/aws-load-balancer-ssl-cert>': acmConfig.require('sslCertificateArn'),
          '<http://service.beta.kubernetes.io/aws-load-balancer-backend-protocol|service.beta.kubernetes.io/aws-load-balancer-backend-protocol>': 'http',
          '<http://service.beta.kubernetes.io/aws-load-balancer-ssl-ports|service.beta.kubernetes.io/aws-load-balancer-ssl-ports>': 'https',
          '<http://service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout|service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout>': '3600'
        }
      }
    }
  }
}, { providers: { kubernetes: provider } });

const ingress = new k8s.networking.v1.Ingress('nginx-ingress-rule', {
  metadata: { name, namespace },
  spec: {
    ingressClassName: name,
    rules: [{
      host: serverConfig.require('host'),
      http: {
        paths: [{
          path: '/',
          pathType: 'Prefix',
          backend: {
            service: {
              name: service.metadata.name,
              port: { number: 3000 }
            }
          }
        }]
      }
    }]
  }
}, { provider });
should I just create one ingress controller using helm chart and then for each namespace create Ingress rule? Or it's better to somehow create ingress controller for each namespace
b

billowy-army-68599

12/07/2021, 12:05 AM
it sorta depends, will your ingress controllers have different purposes? You can deploy an ingress controller for internal or extermal loadbalancers for example, one for each
"nginx-ingress-nginx-admission" already exists this error implies there's a global resource on the cluster being overwritten, I, not sure what that might be though
s

sparse-spring-91820

12/07/2021, 8:08 AM
My Ingress controller will be external for all cases. It should redirect external traffic to one of dev, staging or prod server pods (depending on namespace)
b

billowy-army-68599

12/07/2021, 2:16 PM
then you probably don't need multiple ingress controllers
s

sparse-spring-91820

12/07/2021, 2:54 PM
Yeah, thanks @billowy-army-68599. I moved ingress controller resource to other project which only has
main
stack and inside other project where I have 3 stacks (dev, staging, prod) I created Ingress rule for each stack/namespace that uses ingress controller from the main stack
3 Views