ForgeOps

NGINX ingress controller

Use the NGINX ingress controller when you deploy the CDM.

Remember, the CDM is a reference implementation and not for production use. When you create a project plan, you’ll need to determine which ingress controller to use in production.

After you’ve finished deploying the CDM, you can use the CDM as a sandbox to explore deployment with a different ingress controller.

To deploy an NGINX ingress controller in an AKS cluster:

  1. Verify that you initialized your cluster by performing the steps in Kubernetes cluster creation.

    If you did not set up your cluster using this technique, the cluster might be missing some required configuration.

  2. Deploy the NGINX ingress controller in your cluster:

    $ /path/to/forgeops/bin/ingress-controller-deploy.sh --aks
    Deploying Ingress Controller to AKS…​
    
    namespace/nginx created
    Detected cluster of type: cdm-small
    Setting ingress pod count to 2
    "ingress-nginx" has been added to your repositories
    Release "ingress-nginx" does not exist. Installing it now.
    NAME: ingress-nginx
    . . .
  3. Check the status of the pods in the nginx namespace until all the pods are ready:

    $ kubectl get pods --namespace nginx
    NAME                                        READY   STATUS    RESTARTS   AGE
    ingress-nginx-controller-55699cbff6-blz6s   1/1     Running   0          2m52s
    ingress-nginx-controller-55699cbff6-p62qp   1/1     Running   0          2m52s
  4. Get the ingress controller’s public IP address:

    $ kubectl get services --namespace nginx
    NAME                                 TYPE           CLUSTER-IP     EXTERNAL-IP   PORT(S)                      AGE
    ingress-nginx-controller             LoadBalancer   10.0.149.206   20.51.97.25   80:30378/TCP,443:31333/TCP   25s
    ingress-nginx-controller-admission   ClusterIP      10.0.87.188    <none>        443/TCP                      25s

    The ingress controller’s IP address should appear in the EXTERNAL-IP column. There can be a short delay while the ingress starts before the IP address appears in the kubectl get services command’s output; you might need to run the command several times.

  5. Configure hostname resolution for the ingress controller:

    1. Choose an FQDN (referred to as the deployment FQDN) that you’ll use when you deploy the ForgeRock Identity Platform, and when you access its GUIs and REST APIs.

      Examples in this documentation use cdm.example.com as the deployment FQDN. You are not required to use cdm.example.com; you can specify any FQDN you like.

    2. If DNS does not resolve your deployment FQDN, add an entry similar to the following to the /etc/hosts file:

      ingress-ip-address cdm.example.com

      For ingress-ip-address, specify the ingress controller’s public IP address.

Next step

Copyright © 2010-2024 ForgeRock, all rights reserved.