Installing NGINX Ingress Operator on Azure RedHat OpenShift

A quick post on how to get NGINX Ingress Operator working on your OpenShift cluster

3 min readFeb 26

NGINX Ingress is a type of Kubernetes ingress resource which lets you load balance services to your workloads on your Kubernetes cluster such as OpenShift. Installing NGINX ingress is similar to other custom resources you install on your cluster.

In the Red Hat OpenShift world though, including Azure Red Hat OpenShift, the recommended way to bring in custom resources is through OpenShift Operators via Operator Hub.

Installing NGINX Ingress Operator

You will see Nginx Ingress Operator — which is a certified operator.

Click on it and click Install

In the next screen, you will be selecting the update channel and namespace. In our case, we would like this operator to be available to all the namespaces in the cluster. I will leave the namespace as-is as it is recommended by the Operator.

Finally, select Manual for Update approval — This will ensure there are no automatic updates of the operator.

This is essential as versions of the Ingress Controller, Kubernetes version and Operator versions are interlinked and unintentional update of operator can cause unintended consequences. Read more: https://docs.nginx.com/nginx-ingress-controller/technical-specifications/#supported-kubernetes-versions

Once, we click install, it will ask for approval since we selected Manual the update channel. Click Approve

You will see the installation completed soon after and we can verify the installed operator from theInstalled Operators screen.

Install Security Context Constraints (SCC)

Before we install the ingress controller, we need to install SCC on our cluster, which binds additional permissions to the nginx ingress service accounts.

The YAML is available here

kind: SecurityContextConstraints
apiVersion: security.openshift.io/v1
metadata:
  name: nginx-ingress-admin
allowPrivilegedContainer: true
runAsUser:
  type: MustRunAs
  uid: 101
seLinuxContext:
  type: MustRunAs
fsGroup:
  type: MustRunAs
supplementalGroups:
  type: MustRunAs
allowHostNetwork: false
allowHostPID: false
allowHostPorts: false
allowHostDirVolumePlugin: false
allowHostIPC: false
readOnlyRootFilesystem: false
volumes:
  - secret
defaultAddCapabilities:
  - "NET_BIND_SERVICE"
requiredDropCapabilities:
  - ALL
users:
  - 'system:serviceaccount:*:nginx-ingress'

That is it! In the future post, we will see how to use the operator to expose the service.

Nginx

Openshift

Azure Redhat Openshift

Ingress

Written by Utkarsh Shigihalli

43 Followers

Microsoft MVP | Developer | Passionate about Cloud, .NET and DevOps

More from Utkarsh Shigihalli

Utkarsh Shigihalli

Podman — Cannot connect to the Docker daemon error on macOS

A quick post on enabling podman.sock on macOS

2 min readOct 9, 2022

Utkarsh Shigihalli
in
Utkarsh Shigihalli

Enabling Single Sign-On (SSO) for Azure RedHat OpenShift (ARO) cluster using Azure AD

Step-by-step guide on integrating Azure AD authentication with ARO.

4 min readDec 17, 2021

Utkarsh Shigihalli

Scanning container vulnerabilities and publishing the results using Trivy in Azure DevOps

With rapid releases of software, you equally need solid automation and security scanning implemented the moment developers are ready to…

4 min readFeb 28

Utkarsh Shigihalli

Connecting to Azure Red Hat OpenShift using Service Accounts from Azure DevOps

In this quick post, we will see how to connect to OpenShift from Azure DevOps with help of Service Accounts and Service Connections.

7 min readDec 29, 2022

See all from Utkarsh Shigihalli

Recommended from Medium

Craig Robinson

Installing Nutanix Community Edition 2.0 on Bare Metal — Single Node Cluster

My first recollection of Nutanix was at the 2012 VMWare Users Group Summit in Charlotte, North Carolina. Fast forward to mid-2022, an…

10 min readMar 6

Tamir Suliman

Use Docker to Deploy Elasticsearch & Kibana Environment

ELK stack which includes Elasticsearch, Kibana, and Logstash considered one of the powerful tools for logging, searching and analyzing…

6 min readMar 5

Lists

Staff Picks

323 stories82 saves

Stories to Help You Level-Up at Work

19 stories52 saves

Self-Improvement 101

20 stories103 saves

Productivity 101

20 stories110 saves

Craig Robinson
in
ITNEXT

Guide: Install OpenShift 4.12 using IPI on Nutanix CE 2.0

The ability to install an OpenShift cluster on Nutanix using the installer-provisioned infrastructure (IPI) was introduced with OpenShift…

10 min readMar 11

Dea Agra Larasati

Automate Everything with Ansible

In today’s fast-paced digital world, automation is a crucial part of any organization’s strategy. With the rise of cloud computing, DevOps…

8 min readMay 6

Mihir Patel
in
Simform Engineering

Setting up a local development environment using Docker Compose

A step-by-step guide to creating a containerized environment for your application development needs.

9 min readMay 4

Joe Sepich
in
Continuously Learning

Deploying Grafana Mimir on GCP

What is Grafana Mimir?

6 min readMay 15

See more recommendations

Help
Status
Writers
Blog
Careers
Privacy
Terms
About
Text to speech