- Published on
Cert Manager and Nginx Ingress Controller on AKS Cluster with static IP
Series: Azure Kubernetes (AKS) Deployment for .Net
This post is part of the Azure Kubernetes (AKS) Deployment for .Net series.
Table of Contents
Introduction
In the previous article we have created AKS cluster using Terraform. In this article we will setup Cert Manager and Nginx Ingress Controller on AKS Cluster.
Prerequisite
Make sure you have completed the previous article and have AKS cluster ready.
Setup Cert Manager
Cert-Manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources. It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry.
Install Cert Manager
Cert Manager is deployed as a series of Kubernetes components, and we will install it using Helm.
helm repo add jetstack https://charts.jetstack.io
helm repo update
Prepare the terraform script
Update the terraform script to install cert manager.
resource "azurerm_public_ip" "aks_static_ip" {
depends_on = [azurerm_kubernetes_cluster.aks]
name = "${local.name_suffix}-aks-static-ip"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_kubernetes_cluster.aks.node_resource_group
allocation_method = "Static"
sku = "Standard"
tags = var.resource_group_tags
}
This will create a static IP address for the ingress controller.
locals {
aks_namespace = "${var.resource_group_tags["project"]}-${var.resource_group_tags["environment"]}-ingress-nginx"
}
This will create a name based on the project and environment.
resource "kubernetes_namespace" "ingress_namespace" {
depends_on = [azurerm_kubernetes_cluster.aks]
metadata {
name = "${local.aks_namespace}"
}
}
This will create a namespace for the ingress controller.
resource "helm_release" "nginx_ingress" {
depends_on = [azurerm_public_ip.aks_static_ip]
name = "nginx-ingress"
repository = "https://kubernetes.github.io/ingress-nginx"
chart = "ingress-nginx"
namespace = "${local.aks_namespace}"
version = "4.7.0"
set {
name = "controller.service.loadBalancerIP"
value = azurerm_public_ip.aks_static_ip.ip_address
}
set {
name = "controller.service.externalTrafficPolicy"
value = "Local"
}
}
This will install the nginx ingress controller. we are setting the static IP address for the ingress controller.
resource "helm_release" "cert_manager" {
depends_on = [azurerm_kubernetes_cluster.aks]
name = "cert-manager"
repository = "https://charts.jetstack.io"
chart = "cert-manager"
namespace = "${local.aks_namespace}"
version = "1.12.0"
set {
name = "installCRDs"
value = true
}
}
This will install the cert manager.
Plan and Apply the terraform script with tfvars
terraform plan -var-file="dev.tfvars"
This will show the plan for the terraform script.
terraform apply -var-file="dev.tfvars" -auto-approve
This will apply the terraform script.
Conclusion
In this article we have setup Cert Manager and Nginx Ingress Controller on AKS Cluster. It will help us to manage the certificates and ingress controller. In the next article we will see how to use cloudflare for DNS and setup the DNS records automatically using Terraform.
Related Posts
Continue reading with these related articles
Create AKS cluster and ACR with Terraform
In this we will create Azure Kubernetes (AKS) cluster and Azure Container Registry (ACR).
Azure Deployment for .Net - Introduction - Prerequisites
This is the introduction to the Azure Deployment for .Net series.