DEV Community

Santhosh S
Santhosh S

Posted on

Deploy Mutliple NGINX Ingress on EKS

To deploy multiple NGINX Ingress Controllers on Amazon EKS with separate ingress classes for internal and external traffic, you'll need to:

1. Create two Helm value files (values-internal.yaml and values-external.yaml)

*values-internal.yaml
*


controller:
  ingressClass: nginx-internal
  ingressClassResource:
    name: nginx-internal
    controllerValue: "k8s.io/ingress-nginx-internal"  # Matches your IngressClass spec
    enabled: false  #Prevent Helm from creating or managing the IngressClass
  ingressClassByName: true
  watchIngressWithoutClass: false
  service:
    annotations:
      service.beta.kubernetes.io/aws-load-balancer-internal: "true"
      service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
      service.beta.kubernetes.io/aws-load-balancer-subnets: "subnet-################4,subnet-######################"
Enter fullscreen mode Exit fullscreen mode

Note: You have to add below annotation to follow the corrrect nginc ingress class and controller.

Apply appropriate annotations to each controller

IngressClass
  ingressClassByName: true
  watchIngressWithoutClass: false
  service:
    annotations:
      service.beta.kubernetes.io/aws-load-balancer-internal: "true"
      service.beta.kubernetes.io/aws-load-balancer-type: "nlb"`


Enter fullscreen mode Exit fullscreen mode

values-external.yaml

controller:
  ingressClass: nginx-external
  ingressClassResource:
    name: nginx-external
    controllerValue: "k8s.io/ingress-nginx-external"  # Matches your IngressClass spec
    enabled: false  #Prevent Helm from creating or managing the IngressClass
  ingressClassByName: true
  watchIngressWithoutClass: false
  service:
    annotations:
      service.beta.kubernetes.io/aws-load-balancer-internal: "true"
      service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
      service.beta.kubernetes.io/aws-load-balancer-subnets: "subnet-09d############,subnet-009#########"
Enter fullscreen mode Exit fullscreen mode

2.Define separate ingress classes (nginx-internal and nginx-external)

Create externa-class.yaml

apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: nginx-external
spec:
  controller: k8s.io/ingress-nginx-external
Enter fullscreen mode Exit fullscreen mode

Create internal-class.yaml

apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: nginx-internal
spec:
  controller: k8s.io/ingress-nginx-internal
Enter fullscreen mode Exit fullscreen mode

Once created create custom ingress class:

kubectl apply -f external-class.yaml
kubectl apply -f internal-class.yaml
Enter fullscreen mode Exit fullscreen mode

3.Deploy each controller using Helm with its respective values file:

# Add the ingress-nginx repo
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update

# Deploy internal ingress
helm install nginx-internal ingress-nginx/ingress-nginx \
  --namespace ingress-internal --create-namespace \
  -f values-internal.yaml

# Deploy external ingress
helm install nginx-external ingress-nginx/ingress-nginx \
  --namespace ingress-external --create-namespace \
  -f values-external.yaml
Enter fullscreen mode Exit fullscreen mode

Conclusion

Deploying separate NGINX Ingress Controllers for internal and external traffic on EKS enhances security, scalability, and traffic management. By defining distinct ingress classes and customizing Helm values, you gain fine-grained control over how services are exposed—whether privately within your VPC or publicly to the internet.

Top comments (0)