Deploy NGINX Ingress Controller

In this section you will configure and deploy the NGINX Ingress Controller and expose it using an external network load balancer.

What You'll Need


  1. Go to your GitOps repository, inside your rok-tools management environment:

    root@rok-tools:~# cd ~/ops/deployments
  2. Edit rok/nginx-ingress-controller/overlays/deploy/kustomization.yaml and use service-gclb as base, instead of the default ingress-alb:

    #- ../ingress-alb
    #- ../service-elb
    #- ../service-azurelb
    - ../service-gclb
  3. Edit rok/nginx-ingress-controller/overlays/deploy/kustomization.yaml and enable only the service-gclb patch, instead of the default ingress-alb and service-alb:

    #- path: patches/ingress-alb.yaml
    #- path: patches/service-alb.yaml
    #- path: patches/service-elb.yaml
    #- path: patches/service-azurelb.yaml
    - path: patches/service-gclb.yaml
  4. Enable the firewall in your Google Cloud Load Balancer and allow access only to specific CIDRs. Edit rok/nginx-ingress-controller/overlays/deploy/patches/service-gclb.yaml and set loadBalancerSourceRanges to the desired trusted CIDRs. Leave the default value of if you want to allow access for everyone:

      - ""
  5. Commit your changes:

    root@rok-tools:~/ops/deployments# git commit -am "Expose NGINX Ingress Controller with a Google Cloud Load Balancer"
  6. Deploy NGINX Ingress Controller:

    root@rok-tools:~/ops/deployments# rok-deploy --apply rok/nginx-ingress-controller/overlays/deploy


  1. Verify that NGINX Ingress Controller is up-and-running. Check pod status and verify field STATUS is Running and field READY is 1/1:

    root@rok-tools:~/ops/deployments# kubectl -n ingress-nginx get pods
    NAME                                        READY   STATUS    RESTARTS AGE
    nginx-ingress-controller-7f74f657bd-ln59l   1/1     Running   0        1m
  2. Verify that the Load Balancer Service has an external IP:

    root@rok-tools:~/ops/deployments# kubectl -n ingress-nginx get service
    NAME            TYPE           CLUSTER-IP    EXTERNAL-IP    PORT(S)                      AGE
    ingress-nginx   LoadBalancer    80:30099/TCP,443:30719/TCP   1m


You have successfully deployed the NGINX Ingress Controller and exposed it using a Google Cloud Load Balancer.

What's Next

The next step is to create a Cloud DNS managed zone.