- Published on
Cert Manager and Nginx Ingress Controller on AKS Cluster with static IP
Table of Contents
- Azure Deployment for .Net - Introduction - Prerequisites
- Create AKS cluster and ACR with Terraform
- Cert Manager and Nginx Ingress Controller on AKS Cluster with static IP (This post)
- Cloudflare DNS for AKS Cluster with Terraform
- Build, Version and Publish .Net Application to ACR using GitHub Actions
Introduction
In the previous article we have created AKS cluster using Terraform. In this article we will setup Cert Manager and Nginx Ingress Controller on AKS Cluster.
Prerequisite
Make sure you have completed the previous article and have AKS cluster ready.
Setup Cert Manager
Cert-Manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources. It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry.
Install Cert Manager
Cert Manager is deployed as a series of Kubernetes components, and we will install it using Helm.
helm repo add jetstack https://charts.jetstack.io
helm repo update
Prepare the terraform script
Update the terraform script to install cert manager.
resource "azurerm_public_ip" "aks_static_ip" {
depends_on = [azurerm_kubernetes_cluster.aks]
name = "${local.name_suffix}-aks-static-ip"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_kubernetes_cluster.aks.node_resource_group
allocation_method = "Static"
sku = "Standard"
tags = var.resource_group_tags
}
This will create a static IP address for the ingress controller.
locals {
aks_namespace = "${var.resource_group_tags["project"]}-${var.resource_group_tags["environment"]}-ingress-nginx"
}
This will create a name based on the project and environment.
resource "kubernetes_namespace" "ingress_namespace" {
depends_on = [azurerm_kubernetes_cluster.aks]
metadata {
name = "${local.aks_namespace}"
}
}
This will create a namespace for the ingress controller.
resource "helm_release" "nginx_ingress" {
depends_on = [azurerm_public_ip.aks_static_ip]
name = "nginx-ingress"
repository = "https://kubernetes.github.io/ingress-nginx"
chart = "ingress-nginx"
namespace = "${local.aks_namespace}"
version = "4.7.0"
set {
name = "controller.service.loadBalancerIP"
value = azurerm_public_ip.aks_static_ip.ip_address
}
set {
name = "controller.service.externalTrafficPolicy"
value = "Local"
}
}
This will install the nginx ingress controller. we are setting the static IP address for the ingress controller.
resource "helm_release" "cert_manager" {
depends_on = [azurerm_kubernetes_cluster.aks]
name = "cert-manager"
repository = "https://charts.jetstack.io"
chart = "cert-manager"
namespace = "${local.aks_namespace}"
version = "1.12.0"
set {
name = "installCRDs"
value = true
}
}
This will install the cert manager.
Plan and Apply the terraform script with tfvars
terraform plan -var-file="dev.tfvars"
This will show the plan for the terraform script.
terraform apply -var-file="dev.tfvars" -auto-approve
This will apply the terraform script.
Conclusion
In this article we have setup Cert Manager and Nginx Ingress Controller on AKS Cluster. It will help us to manage the certificates and ingress controller. In the next article we will see how to use cloudflare for DNS and setup the DNS records automatically using Terraform.
Related Posts
Build, Version and Publish .Net Application to ACR using GitHub Actions
In this article, we will see how to build, version and publish .Net application to Azure Container Registry (ACR) using GitHub Actions.
Cloudflare DNS for AKS Cluster with Terraform
In this we will setup Cloudflare DNS for AKS Cluster with Terraform
Create AKS cluster and ACR with Terraform
In this we will create Azure Kubernetes (AKS) cluster and Azure Container Registry (ACR).