k8s nginx Ingress take my node IP as Address

Question

I have 3 node k8s Cluster on my virtual env which is VMware Fusion.

When try to create basic Ingress it takes my one node_ip which is nginx_controller running.

But 80 port is not open on all nodes. I mean it is not working

curl: (7) Failed to connect to 172.16.242.133 port 80: Connection refused

What I missing ?

• I installed Nginx Ingress Controller
• I installed MetalLB and configured it. It is working if I create service with type: LoadBalancer. It takes ExernalIp Ip and I can access it.
• I deploy basic app for test.
• I create a service for app. I can access on NodePort or CulesterIP. Both I tried.
• I create basic Ingress for manage hosts and routing staff. But this step I stuck.

My Questions ;

1-) Normaly what should Ingress take Ip as Address ? One of my node or External DHCP IP.

2-) When I create service with type: LoadBalancer it takes externalIP. I can record DNS to this IP and clients can access it. What is wrong with that ?

Answer 1

My Problem was, I thought Ingress takes the IP and we record DNS to this IP. But It is not. Why Ingress object has Address and Port field I do not know. Just for information I guess but It is confusing for newbies. Clients access the Ingress Controller not Ingress.

Actually Ingress Controller Service manages the externalIP or NodePort. So we have to configure this.

In my case nginx

kubectl edit service/ingress-nginx-controller -n ingress-nginx

You can change type to LoadBalancer and you will get externalIP after configured the MetalLB. And define your Ingress objects, record DNS Records then you are ready.

Answer 2

Ingress supports two types of service type: NodePort and LoadBalancer.

While using NodePort service type you should use nodeport number instead of default port 80. Explanation to this behavior is available in nginx ingress documentation:

However, due to the container namespace isolation, a client located outside the cluster network (e.g. on the public internet) is not able to access Ingress hosts directly on ports 80 and 443. Instead, the external client must append the NodePort allocated to the ingress-nginx Service to HTTP requests.

So your curl should look like this:

curl 172.16.242.133:<node_port_number>

When you use MetalLB with LoadBalancer service type, it takes externalIPs from it's configuration that you specified when installing metallb in cluster.

More information about nginx ingress controller cooperation with metallb is available in nginx documentation.

MetalLB requires a pool of IP addresses in order to be able to take ownership of the ingress-nginx Service. This pool can be defined in a ConfigMap named config located in the same namespace as the MetalLB controller. This pool of IPs must be dedicated to MetalLB's use, you can't reuse the Kubernetes node IPs or IPs handed out by a DHCP server.