NGINX Ingress controller changes in Kubernetes v1.21

For Kubernetes v1.21 and up, the NGINX Ingress controller no longer runs in hostNetwork but uses hostPorts for port 80 and port 443. This was done so the admission webhook can be configured to be accessed using ClusterIP so it can only be reached inside the cluster.

Ingress Rule Configuration

Specify a hostname to use

If you use this option, ingress routes requests for a hostname to the service or workload that you specify.

  1. Enter the Request Host that your ingress will handle request forwarding for. For example, www.mysite.com.
  2. Add a Target Service.
  3. Optional: If you want specify a workload or service when a request is sent to a particular hostname path, add a Path for the target. For example, if you want requests for www.mysite.com/contact-us to be sent to a different service than www.mysite.com, enter /contact-us in the Path field. Typically, the first rule that you create does not include a path.
  4. Enter the Port number that each target operates on.

    Certificates

    Note: You must have an SSL certificate that the ingress can use to encrypt/decrypt communications. For more information see Adding SSL Certificates.

  5. When creating an ingress, click the Certificates tab.

  6. Click Add Certificate.

  7. Select a Certificate - Secret Name from the drop-down list.

  8. Enter the host using encrypted communication.

  9. To add additional hosts that use the certificate, click Add Hosts.

Labels and Annotations

Add Labels and/or Annotations to provide metadata for your ingress.

For a list of annotations available for use, see the Nginx Ingress Controller Documentation.