NGINX Ingress Controller¶
Add-on Overview¶
The NGINX Ingress Controller add-on can automatically modify configurations when there are changes to pods in Services. This add-on uses Nginx's excellent stability, performance, and concurrent processing ability to effectively manage containerized applications at the application layer.
Add-on Parameters¶
Parameter | Mandatory | Type | Description |
---|---|---|---|
basic | No | object | Basic configuration parameters, which do not need to be specified |
flavor | Yes | Table 2 object | Flavor parameters |
custom | Yes | Table 3 object | Custom parameters |
Parameter | Mandatory | Type | Description |
---|---|---|---|
replicas | Yes | String | Number of pods. The default value is 1. |
resources | Yes | resources object | Container resource (CPU and memory) quotas |
Parameter | Mandatory | Type | Description |
---|---|---|---|
ingressClass | Yes | String | Controller name. The default value is nginx. |
namespace | Yes | String | Namespace where the add-on is in. The default value is kube-system. |
service | Yes | Configuration of a Service that provides external access | |
config | No | Map<String>String | Nginx configuration parameters. For details, see ConfigMaps. |
admissionWebhooks | No | Configuration of ingress admission verification. | |
metrics | No | Monitoring metric configuration. | |
defaultBackendService | No | String | Default 404 service, which is in the format of <namespace>/<service_name>. |
extraArgs | No | Extended parameter configuration. | |
multiAZEnable | No | bool | Whether to enable the forcible mode of multi-AZ deployment for the deployment component. The default value is false. Deployment pods of the add-on will be forcibly scheduled to nodes in different AZs. If there are fewer AZs than pods, the extra pods will fail to run. If both multiAZEnable and multiAZBalance are set to true, the settings of multiAZBalance take effect, which means, the equivalent mode of multi-AZ deployment is used. |
multiAZBalance | No | bool | Whether to enable the equivalent mode of multi-AZ deployment for the deployment component. The default value is false. Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, it is recommended that you increase add-on pods for cross-AZ HA deployment. With the equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ. |
tolerations | No | Array of Table 5 | Toleration configuration |
node_match_expressions | No | Array of Table 6 | Add-on pod affinity configuration |
Parameter | Mandatory | Type | Description |
---|---|---|---|
limitsCpu | Yes | String | CPU size limit (unit: m) |
limitsMem | Yes | String | Memory size limit (unit: Mi) |
name | Yes | String | Add-on name. The value is fixed at nginx-ingress. |
requestsCpu | Yes | String | Requested CPU size (unit: m) |
requestsMem | Yes | String | Requested memory size (unit: Mi) |
Parameter | Mandatory | Type | Description |
---|---|---|---|
key | No | String | Taint key |
effect | No | String | Taint policy |
operator | No | String | Operator |
tolerationSeconds | No | Int | Toleration time window |
Parameter | Mandatory | Type | Description |
---|---|---|---|
key | No | String | Taint key |
values | No | List<String> | Node affinity name |
operator | No | String | Operator |
Parameter | Mandatory | Type | Description |
---|---|---|---|
enable | No | bool | Whether to enable ingress resource admission verification. The default value is true. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
annotations | No | Map<String>String | Annotations of a Service that provides external access. This parameter is only for configurations of ELB-related options, such as kubernetes.io/elb.class, kubernetes.io/elb.id, and kubernetes.io/elb.pass-through. |
loadBalancerIP | No | String | Load balancer IP address used by the Service that is interconnected with the load balancer. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
enable | No | bool | Whether to monitor metrics. The default value is true. |
excludeSocketMetrics | No | String | Shielded monitoring metrics. The default value is "nginx_ingress_controller_success,nginx_ingress_controller_header_duration_seconds,nginx_ingress_controller_ingress_upstream_latency_seconds". |
Parameter | Mandatory | Type | Description |
---|---|---|---|
default-ssl-certificat | No | String | Default certificate configuration. For details, see Default SSL Certificate. |
Example Request¶
{
"kind": "Addon",
"apiVersion": "v3",
"metadata": {
"annotations": {
"addon.install/type": "install"
}
},
"spec": {
"clusterID": "2292498e-**************ac1001ba",
"version": "2.2.52",
"addonTemplateName": "nginx-ingress",
"values": {
"basic": {
"basickey":"val"
},
"flavor": {
"replicas": 2,
"resources": [{
"limitsCpu": "8000m",
"limitsMem": "4000Mi",
"name": "nginx-ingress",
"requestsCpu": "8000m",
"requestsMem": "4000Mi"
}]
},
"custom": {
"config": {
"keep-alive-requests": "100"
},
"defaultBackend": {
"enabled": true
},
"defaultBackendService": "",
"extraArgs": {
"default-ssl-certificate": ""
},
"ingressClass": "nginx",
"multiAZBalance": false,
"multiAZEnabled": false,
"namespace": "kube-system",
"node_match_expressions": [],
"service": {
"annotations": {
"kubernetes.io/elb.class": "performance",
"kubernetes.io/elb.id": "8d6bd485-d8ac-4693-815d-9d54d79b0666"
},
"loadBalancerIP": ""
},
"tolerations": [{
"key": "node.kubernetes.io/not-ready",
"operator": "Exists",
"effect": "NoExecute",
"tolerationSeconds": 60
},
{
"key": "node.kubernetes.io/unreachable",
"operator": "Exists",
"effect": "NoExecute",
"tolerationSeconds": 60
}]
}
}
}
}