NGINX ingress controller

Use the NGINX ingress controller when you deploy the CDM.

Remember, the CDM is a reference implementation and not for production use. When you create a project plan, you’ll need to determine which ingress controller to use in production.

After you’ve finished deploying the CDM, you can use the CDM as a sandbox to explore deployment with a different ingress controller.

To deploy an NGINX ingress controller in a GKE cluster:

  1. Verify that you initialized your cluster by performing the steps in Kubernetes cluster creation.

    If you did not set up your cluster using this technique, the cluster might be missing some required configuration.

  2. Deploy the NGINX ingress controller in your cluster:

    $ /path/to/forgeops/bin/ --gke
    Deploying Ingress Controller to GKE...
    namespace/nginx created
    Detected cluster of type: small
    Setting ingress pod count to 1
    "ingress-nginx" has been added to your repositories
    Release "ingress-nginx" does not exist. Installing it now.
    NAME: ingress-nginx
  3. Check the status of the pods in the nginx namespace until all the pods are ready:

    $ kubectl get pods --namespace nginx
    NAME                                          READY  STATUS    RESTARTS  AGE
    ingress-nginx-controller-d794bb476-xxx6j      1/1    Running   0         4m38s
  4. Get the ingress controller’s external IP address:

    $ kubectl get services --namespace nginx
    NAME                                 TYPE           CLUSTER-IP   EXTERNAL-IP      PORT(S)                      AGE
    ingress-nginx-controller             LoadBalancer   80:30300/TCP,443:30638/TCP   58s
    ingress-nginx-controller-admission   ClusterIP     <none>           443/TCP                      58s

    The ingress controller’s IP address should appear in the EXTERNAL-IP column. There can be a short delay while the ingress starts before the IP address appears in the kubectl get services command’s output; you might need to run the command several times.

  5. Configure hostname resolution for the ingress controller:

    1. Choose an FQDN (referred to as the deployment FQDN) that you’ll use when you deploy the ForgeRock Identity Platform, and when you access its GUIs and REST APIs.

      Examples in this documentation use as the deployment FQDN. You are not required to use; you can specify any FQDN you like.

    2. If DNS does not resolve your deployment FQDN, add an entry similar to the following to the /etc/hosts file:


      For ingress-ip-address, specify the ingress controller’s external IP address.

Next step

Copyright © 2010-2024 ForgeRock, all rights reserved.