From 15d06550b2288e3126bcd8d6e454fedec209197d Mon Sep 17 00:00:00 2001 From: Luca Comellini Date: Thu, 21 Jul 2022 17:26:25 -0700 Subject: [PATCH 1/3] Update Operator SDK to v1.22.2 --- Dockerfile | 2 +- Makefile | 10 ++-- README.md | 8 ++-- bundle.Dockerfile | 2 +- ...ngress-operator.clusterserviceversion.yaml | 47 +++++++++++++------ bundle/metadata/annotations.yaml | 2 +- config/default/manager_auth_proxy_patch.yaml | 16 ++++++- config/manager/manager.yaml | 5 ++ docs/manual-installation.md | 8 ++-- docs/openshift-installation.md | 2 +- 10 files changed, 69 insertions(+), 33 deletions(-) diff --git a/Dockerfile b/Dockerfile index 52e9cf05..fda8f210 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM quay.io/operator-framework/helm-operator:v1.22.0 +FROM quay.io/operator-framework/helm-operator:v1.22.2 ARG VERSION diff --git a/Makefile b/Makefile index d63abd1b..5287d613 100644 --- a/Makefile +++ b/Makefile @@ -130,7 +130,7 @@ ifeq (,$(shell which helm-operator 2>/dev/null)) @{ \ set -e ;\ mkdir -p $(dir $(HELM_OPERATOR)) ;\ - curl -sSLo $(HELM_OPERATOR) https://github.com/operator-framework/operator-sdk/releases/download/v1.16.0/helm-operator_$(OS)_$(ARCH) ;\ + curl -sSLo $(HELM_OPERATOR) https://github.com/operator-framework/operator-sdk/releases/download/v1.22.2/helm-operator_$(OS)_$(ARCH) ;\ chmod +x $(HELM_OPERATOR) ;\ } else @@ -140,9 +140,11 @@ endif .PHONY: bundle bundle: kustomize ## Generate bundle manifests and metadata, then validate generated files. - operator-sdk generate kustomize manifests -q + operator-sdk generate kustomize manifests --interactive=false -q cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG) - $(KUSTOMIZE) build config/manifests | operator-sdk generate bundle -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS) + $(KUSTOMIZE) build config/manifests | operator-sdk generate bundle $(BUNDLE_GEN_FLAGS) + @printf "%s\n" '' 'LABEL com.redhat.openshift.versions="v4.6"' 'LABEL com.redhat.delivery.operator.bundle=true' 'LABEL com.redhat.delivery.backport=true' >> bundle.Dockerfile + @printf "%s\n" '' ' # OpenShift annotations.' ' com.redhat.openshift.versions: v4.6' >> bundle/metadata/annotations.yaml operator-sdk bundle validate ./bundle .PHONY: bundle-build @@ -161,7 +163,7 @@ ifeq (,$(shell which opm 2>/dev/null)) @{ \ set -e ;\ mkdir -p $(dir $(OPM)) ;\ - curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.19.1/$(OS)-$(ARCH)-opm ;\ + curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.23.0/$${OS}-$${ARCH}-opm ;\ chmod +x $(OPM) ;\ } else diff --git a/README.md b/README.md index bfdef81e..c75f6cce 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ Learn more about operators in the [Kubernetes Documentation](https://kubernetes. To install a specific version of the NGINX Ingress Controller with the operator, a specific version of the NGINX Ingress Operator is required. -Up until version 0.5.1, this Operator was Go based. Version 1.0.0 marks an uncompatible upgrade as this release swtiched the Operator to being Helm-based, built from the [NGINX Ingress Controller Helm chart](http://helm.nginx.com/#nginx-ingress-controller). The configuration for the Helm chart can be seen in the [NGINX Ingress Controller documentation](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-helm/#configuration). +Up until version 0.5.1, this Operator was Go based. Version 1.0.0 marks an incompatible upgrade as this release switched the Operator to being Helm-based, built from the [NGINX Ingress Controller Helm chart](http://helm.nginx.com/#nginx-ingress-controller). The configuration for the Helm chart can be seen in the [NGINX Ingress Controller documentation](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-helm/#configuration). The following table shows the relation between the versions of the two projects: @@ -32,10 +32,10 @@ Note: The NGINX Ingress Operator works only for NGINX Ingress Controller version 1. Install the NGINX Ingress Operator. See [docs](./docs/installation.md).
NOTE: To use TransportServers as part of your NGINX Ingress Controller configuration, a GlobalConfiguration resource must be created *before* starting the Operator - [see the notes](./examples/deployment-oss-min/README.md#TransportServers) -2. Create a default server secret on the cluster - an example yaml for this can be found in the [examples folder](https://github.com/nginxinc/nginx-ingress-helm-operator/blob/v1.0.0/examples/default-server-secret.yaml) +2. Create a default server secret on the cluster - an example yaml for this can be found in the [examples folder](https://github.com/nginxinc/nginx-ingress-helm-operator/blob/v1.1.0/examples/default-server-secret.yaml) 3. (If using OpenShift) Create the scc resource on the cluster by applying the scc.yaml file found in the `resources` folder of this repo: ```shell - kubectl apply -f https://raw.githubusercontent.com/nginxinc/nginx-ingress-operator-helm/v1.0.0/resources/scc.yaml + kubectl apply -f https://raw.githubusercontent.com/nginxinc/nginx-ingress-operator-helm/v1.1.0/resources/scc.yaml ``` 4. Deploy a new NGINX Ingress Controller using the [NginxIngress](./config/samples/charts_v1alpha1_nginxingress.yaml) Custom Resource: * Use the name of the default server secret created above for `controller.defaultTLS.secret` field (needs to be in the form `namespace/name`) @@ -61,7 +61,7 @@ See [upgrade docs](./docs/upgrades) ## NGINX Ingress Operator Releases We publish NGINX Ingress Operator releases on GitHub. See our [releases page](https://github.com/nginxinc/nginx-ingress-helm-operator/releases). -The latest stable release is [1.0.0](https://github.com/nginxinc/nginx-ingress-helm-operator/releases/tag/v1.0.0). For production use, we recommend that you choose the latest stable release. +The latest stable release is [1.1.0](https://github.com/nginxinc/nginx-ingress-helm-operator/releases/tag/v1.1.0). For production use, we recommend that you choose the latest stable release. ## Development diff --git a/bundle.Dockerfile b/bundle.Dockerfile index 0bf11737..26555605 100644 --- a/bundle.Dockerfile +++ b/bundle.Dockerfile @@ -7,7 +7,7 @@ LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ LABEL operators.operatorframework.io.bundle.package.v1=nginx-ingress-operator LABEL operators.operatorframework.io.bundle.channels.v1=alpha LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha -LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.16.0-ocp +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.22.2 LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 LABEL operators.operatorframework.io.metrics.project_layout=helm.sdk.operatorframework.io/v1 diff --git a/bundle/manifests/nginx-ingress-operator.clusterserviceversion.yaml b/bundle/manifests/nginx-ingress-operator.clusterserviceversion.yaml index 2c016c4a..fce4c572 100644 --- a/bundle/manifests/nginx-ingress-operator.clusterserviceversion.yaml +++ b/bundle/manifests/nginx-ingress-operator.clusterserviceversion.yaml @@ -33,7 +33,6 @@ metadata: }, "enableCertManager": false, "enableCustomResources": true, - "enableExternalDNS": false, "enableLatencyMetrics": false, "enableOIDC": false, "enablePreviewPolicies": false, @@ -147,7 +146,7 @@ metadata: description: The NGINX Ingress Operator is a Kubernetes/OpenShift component which deploys and manages one or more NGINX/NGINX Plus Ingress Controllers operatorframework.io/suggested-namespace: nginx-ingress - operators.operatorframework.io/builder: operator-sdk-v1.16.0-ocp + operators.operatorframework.io/builder: operator-sdk-v1.22.2 operators.operatorframework.io/project_layout: helm.sdk.operatorframework.io/v1 repository: https://github.com/nginxinc/nginx-ingress-helm-operator support: NGINX Inc. @@ -292,7 +291,9 @@ spec: - create serviceAccountName: nginx-ingress-operator-controller-manager deployments: - - name: nginx-ingress-operator-controller-manager + - label: + control-plane: controller-manager + name: nginx-ingress-operator-controller-manager spec: replicas: 1 selector: @@ -307,6 +308,29 @@ spec: control-plane: controller-manager spec: containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL - args: - --health-probe-bind-address=:8081 - --metrics-bind-address=127.0.0.1:8080 @@ -335,20 +359,13 @@ spec: memory: 128Mi securityContext: allowPrivilegeEscalation: false - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - protocol: TCP - resources: {} + capabilities: + drop: + - ALL securityContext: runAsNonRoot: true + seccompProfile: + type: RuntimeDefault serviceAccountName: nginx-ingress-operator-controller-manager terminationGracePeriodSeconds: 10 permissions: diff --git a/bundle/metadata/annotations.yaml b/bundle/metadata/annotations.yaml index 3a1cf816..0f1679bf 100644 --- a/bundle/metadata/annotations.yaml +++ b/bundle/metadata/annotations.yaml @@ -6,7 +6,7 @@ annotations: operators.operatorframework.io.bundle.package.v1: nginx-ingress-operator operators.operatorframework.io.bundle.channels.v1: alpha operators.operatorframework.io.bundle.channel.default.v1: alpha - operators.operatorframework.io.metrics.builder: operator-sdk-v1.16.0-ocp + operators.operatorframework.io.metrics.builder: operator-sdk-v1.22.2 operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 operators.operatorframework.io.metrics.project_layout: helm.sdk.operatorframework.io/v1 diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml index d887712a..f9242ce3 100644 --- a/config/default/manager_auth_proxy_patch.yaml +++ b/config/default/manager_auth_proxy_patch.yaml @@ -10,16 +10,28 @@ spec: spec: containers: - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - "ALL" + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0 args: - "--secure-listen-address=0.0.0.0:8443" - "--upstream=http://127.0.0.1:8080/" - "--logtostderr=true" - - "--v=10" + - "--v=0" ports: - containerPort: 8443 protocol: TCP name: https + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi - name: manager args: - "--health-probe-bind-address=:8081" diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 622a17ab..7fc3ee62 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -26,6 +26,8 @@ spec: spec: securityContext: runAsNonRoot: true + seccompProfile: + type: RuntimeDefault containers: - args: - --leader-elect @@ -34,6 +36,9 @@ spec: name: manager securityContext: allowPrivilegeEscalation: false + capabilities: + drop: + - "ALL" livenessProbe: httpGet: path: /healthz diff --git a/docs/manual-installation.md b/docs/manual-installation.md index 157562f1..b59c741a 100644 --- a/docs/manual-installation.md +++ b/docs/manual-installation.md @@ -8,17 +8,17 @@ This will deploy the operator in the `nginx-ingress-operator-system` namespace. ``` git clone https://github.com/nginxinc/nginx-ingress-helm-operator/ cd nginx-ingress-helm-operator/ - git checkout v1.0.0 + git checkout v1.1.0 ``` 2. `Openshift` To deploy the Operator and associated resources to an OpenShift environment, run: ``` - make deploy IMG=nginx/nginx-ingress-operator:1.0.0 + make deploy IMG=nginx/nginx-ingress-operator:1.1.0 ``` 3. Alternatively, to deploy the Operator and associated resources to all other environments: ``` - make deploy IMG=nginx/nginx-ingress-operator:1.0.0 + make deploy IMG=nginx/nginx-ingress-operator:1.1.0 ``` 2. Check that the Operator is running: @@ -33,4 +33,4 @@ This will deploy the operator in the `nginx-ingress-operator-system` namespace. In order to deploy NGINX Ingress Controller instances into OpenShift environments, a new SCC is required to be created on the cluster which will be used to bind the specific required capabilities to the NGINX Ingress service account(s). To do so, please run the following command (assuming you are logged in with administrator access to the cluster): -`kubectl -f https://github.com/nginxinc/nginx-ingress-helm-operator/v1.0.0/resources/scc.yaml` +`kubectl -f https://github.com/nginxinc/nginx-ingress-helm-operator/v1.1.0/resources/scc.yaml` diff --git a/docs/openshift-installation.md b/docs/openshift-installation.md index 8d73ce6a..bf21e70e 100644 --- a/docs/openshift-installation.md +++ b/docs/openshift-installation.md @@ -21,6 +21,6 @@ Additional steps: In order to deploy NGINX Ingress Controller instances into OpenShift environments, a new SCC is required to be created on the cluster which will be used to bind the specific required capabilities to the NGINX Ingress service account(s). To do so, please run the following command (assuming you are logged in with administrator access to the cluster): -`kubectl -f https://github.com/nginxinc/nginx-ingress-helm-operator/v1.0.0/resources/scc.yaml` +`kubectl -f https://github.com/nginxinc/nginx-ingress-helm-operator/v1.1.0/resources/scc.yaml` You can now deploy the NGINX Ingress Controller instances. From 1f7945a3cccdac33bb1d309cddc02e7d90b262c4 Mon Sep 17 00:00:00 2001 From: Luca Comellini Date: Tue, 26 Jul 2022 12:15:51 -0700 Subject: [PATCH 2/3] More docs fixes --- .github/release-drafter.yml | 2 +- README.md | 2 +- docs/installation.md | 6 +++--- docs/manual-installation.md | 6 +++--- docs/openshift-installation.md | 10 +++++----- examples/deployment-oss-min/README.md | 24 ++++++++++++------------ examples/deployment-plus-min/README.md | 20 ++++++++++---------- 7 files changed, 35 insertions(+), 35 deletions(-) diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml index d9c16ee1..c3c00126 100644 --- a/.github/release-drafter.yml +++ b/.github/release-drafter.yml @@ -63,4 +63,4 @@ template: | ## Compatibility - NGINX Ingress Controller NIC_VERSION_REPLACE_ME! - - Openshift 4.5 or newer. + - OpenShift 4.5 or newer. diff --git a/README.md b/README.md index c75f6cce..0ce0716e 100644 --- a/README.md +++ b/README.md @@ -69,7 +69,7 @@ It is possible to run the operator in your local machine. This is useful for tes ### Run Operator locally -1. Have access to a Kubernetes/Openshift cluster. +1. Have access to a Kubernetes/OpenShift cluster. 1. Apply the IC CRD: ``` make install diff --git a/docs/installation.md b/docs/installation.md index 1d6b9535..a1d9d761 100644 --- a/docs/installation.md +++ b/docs/installation.md @@ -1,7 +1,7 @@ # Installation We currently support 2 methods of installation: -1. [Installation in an Openshift cluster](./openshift-installation.md) using the [OLM](https://github.com/operator-framework/operator-lifecycle-manager). -1. [Manual installation](./manual-installation.md) in a Kubernetes or Openshift cluster by manually deploying the operator manifests. - +1. [Installation in an OpenShift cluster](./openshift-installation.md) using the [OLM](https://github.com/operator-framework/operator-lifecycle-manager). +1. [Manual installation](./manual-installation.md) in a Kubernetes or OpenShift cluster by manually deploying the operator manifests. + After installation, use the [sample CR definition](../config/samples/charts_v1alpha1_nginxingress.yaml) to deploy the NGINX Ingress Controller using the operator. diff --git a/docs/manual-installation.md b/docs/manual-installation.md index b59c741a..ee36ba4e 100644 --- a/docs/manual-installation.md +++ b/docs/manual-installation.md @@ -11,7 +11,7 @@ This will deploy the operator in the `nginx-ingress-operator-system` namespace. git checkout v1.1.0 ``` - 2. `Openshift` To deploy the Operator and associated resources to an OpenShift environment, run: + 2. `OpenShift` To deploy the Operator and associated resources to an OpenShift environment, run: ``` make deploy IMG=nginx/nginx-ingress-operator:1.1.0 ``` @@ -29,8 +29,8 @@ This will deploy the operator in the `nginx-ingress-operator-system` namespace. nginx-ingress-operator-controller-manager 1/1 1 1 15s ``` -3. `Openshift` Additional steps: +3. `OpenShift` Additional steps: In order to deploy NGINX Ingress Controller instances into OpenShift environments, a new SCC is required to be created on the cluster which will be used to bind the specific required capabilities to the NGINX Ingress service account(s). To do so, please run the following command (assuming you are logged in with administrator access to the cluster): -`kubectl -f https://github.com/nginxinc/nginx-ingress-helm-operator/v1.1.0/resources/scc.yaml` +`kubectl -f https://raw.githubusercontent.com//nginxinc/nginx-ingress-helm-operator/v1.1.0/resources/scc.yaml` diff --git a/docs/openshift-installation.md b/docs/openshift-installation.md index bf21e70e..48e185fe 100644 --- a/docs/openshift-installation.md +++ b/docs/openshift-installation.md @@ -1,19 +1,19 @@ -# Installation in an Openshift cluster using the OLM +# Installation in an OpenShift cluster using the OLM -This installation method is the recommended way for Openshift users. **Note**: Openshift version must be 4.2 or higher. +This installation method is the recommended way for OpenShift users. **Note**: OpenShift version must be 4.2 or higher. **Note: The `nginx-ingress-operator` supports `Basic Install` only - we do not support auto-updates. When you are installing the Operator using the OLM, the auto-update feature should be disabled to avoid breaking changes being auto-applied. In OpenShift, this can be done by setting the `Approval Strategy` to `Manual`. Please see the [Operator SDK docs](https://sdk.operatorframework.io/docs/advanced-topics/operator-capabilities/operator-capabilities/) for more details on the Operator Capability Levels.** The NGINX Ingress Operator is a [RedHat certified Operator](https://connect.redhat.com/en/partner-with-us/red-hat-openshift-operator-certification). -1. In the Openshift dashboard, click `Operators` > `Operator Hub` in the left menu and use the search box to type `nginx ingress`: +1. In the OpenShift dashboard, click `Operators` > `Operator Hub` in the left menu and use the search box to type `nginx ingress`: ![alt text](./images/openshift1.png "Operators") 1. Click the `NGINX Ingress Operator` and click `Install`: ![alt text](./images/openshift2.png "NGINX Ingress Operator") 1. Click `Subscribe`: ![alt text](./images/openshift3.png "NGINX Ingress Operator Install") -Openshift will install the NGINX Ingress Operator: +OpenShift will install the NGINX Ingress Operator: ![alt text](./images/openshift4.png "NGINX Ingress Operator Subscribe") @@ -21,6 +21,6 @@ Additional steps: In order to deploy NGINX Ingress Controller instances into OpenShift environments, a new SCC is required to be created on the cluster which will be used to bind the specific required capabilities to the NGINX Ingress service account(s). To do so, please run the following command (assuming you are logged in with administrator access to the cluster): -`kubectl -f https://github.com/nginxinc/nginx-ingress-helm-operator/v1.1.0/resources/scc.yaml` +`kubectl -f https://raw.githubusercontent.com/nginxinc/nginx-ingress-helm-operator/v1.1.0/resources/scc.yaml` You can now deploy the NGINX Ingress Controller instances. diff --git a/examples/deployment-oss-min/README.md b/examples/deployment-oss-min/README.md index 6d04cb37..443ccf5d 100644 --- a/examples/deployment-oss-min/README.md +++ b/examples/deployment-oss-min/README.md @@ -12,31 +12,31 @@ If you would like to use TransportServers, refer to [this section](README.md#Tra 1. Create a new namespace for our Ingress Controller instance: ``` kubectl create -f ns.yaml - ``` + ``` -2. Create a new NginxIngressController resource that defines our NGINX Ingress Controller instance (**Note**: If using Openshift, change the `image.tag` to `edge-ubi`): +2. Create a new NginxIngressController resource that defines our NGINX Ingress Controller instance (**Note**: If using OpenShift, change the `image.tag` to `edge-ubi`): ``` kubectl create -f nginx-ingress-controller.yaml ``` - -This will deploy an NGINX Ingress Controller instance using a [Deployment](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/) in the `my-nginx-controller` namespace. + +This will deploy an NGINX Ingress Controller instance using a [Deployment](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/) in the `my-nginx-controller` namespace. 3. Check if all resources were deployed: ``` kubectl -n my-nginx-ingress get all - + NAME READY STATUS RESTARTS AGE pod/my-nginx-ingress-controller-666854fb5f-f67fs 1/1 Running 0 3s - + NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/my-nginx-ingress-controller NodePort 10.103.105.52 80:30298/TCP,443:32576/TCP 3s - + NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/my-nginx-ingress-controller 1/1 1 1 4s - + NAME DESIRED CURRENT READY AGE replicaset.apps/my-nginx-ingress-controller-666854fb5f 1 1 1 4s ``` @@ -48,17 +48,17 @@ For more information about how to configure the NGINX Ingress Controller, check 1. Delete the NginxIngressController: ``` kubectl delete -f nginx-ingress-controller.yaml - ``` + ``` 1. Delete the namespace: ``` kubectl delete namespace my-nginx-ingress ``` - + ## TransportServers -TransportServers provide support for TCP/UDP but are in active development and provided as a preview feature. -A GlobalConfiguration resource is used to specify the TCP/UDP listeners and is required by TransportServers. +TransportServers provide support for TCP/UDP but are in active development and provided as a preview feature. +A GlobalConfiguration resource is used to specify the TCP/UDP listeners and is required by TransportServers. To use TransportServers, you must create a GlobalConfiguration resource *after* creating the namespace and *before* starting the Operator. diff --git a/examples/deployment-plus-min/README.md b/examples/deployment-plus-min/README.md index 706e1e2d..a8290de7 100644 --- a/examples/deployment-plus-min/README.md +++ b/examples/deployment-plus-min/README.md @@ -5,9 +5,9 @@ In this example we deploy the NGINX Ingress Controller (edge) as a [Deployment]( ## Prerequisites 1. Have the NGINX Ingress Operator deployed in your cluster. Follow [installation](../../README.md#installation) steps. -2. Build the NGINX Ingress Controller for Plus image and push it to a private repository following -[these instructions](https://docs.nginx.com/nginx-ingress-controller/installation/building-ingress-controller-image/#building-the-image-and-pushing-it-to-the-private-registry) -(**Note**: For the build process, if using Openshift, use the `openshift-image-plus` or `openshift-image-nap-plus` targets). +2. Build the NGINX Ingress Controller for Plus image and push it to a private repository following +[these instructions](https://docs.nginx.com/nginx-ingress-controller/installation/building-ingress-controller-image/#building-the-image-and-pushing-it-to-the-private-registry) +(**Note**: For the build process, if using OpenShift, use the `ubi-image-plus`, `ubi-image-nap-plus`, `ubi-image-dos-plus` or `ubi-image-nap-dos-plus` targets). If you would like to use TransportServers, refer to [this section](README.md#TransportServers) for additional pre-requisites. @@ -16,29 +16,29 @@ If you would like to use TransportServers, refer to [this section](README.md#Tra 1. Create a new namespace for our Ingress Controller instance: ``` kubectl create -f ns.yaml - ``` + ``` 2. Create a new NginxIngressController resource that defines our NGINX Ingress Controller instance (**Note:** Update the `image.repository` field in the `nginx-ingress-controller.yaml` with your previously built image for NGINX Plus): ``` kubectl create -f nginx-ingress-controller.yaml ``` -This will deploy an NGINX Ingress Controller instance using a [Deployment](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/) in the `my-nginx-controller` namespace. +This will deploy an NGINX Ingress Controller instance using a [Deployment](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/) in the `my-nginx-controller` namespace. 3. Check if all resources were deployed: ``` kubectl -n my-nginx-ingress get all - + NAME READY STATUS RESTARTS AGE pod/my-nginx-ingress-controller-666854fb5f-f67fs 1/1 Running 0 3s - + NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/my-nginx-ingress-controller NodePort 10.103.105.52 80:30298/TCP,443:32576/TCP 3s - + NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/my-nginx-ingress-controller 1/1 1 1 4s - + NAME DESIRED CURRENT READY AGE replicaset.apps/my-nginx-ingress-controller-666854fb5f 1 1 1 4s ``` @@ -50,7 +50,7 @@ For more information about how to configure the NGINX Ingress Controller, check 1. Delete the NginxIngressController: ``` kubectl delete -f nginx-ingress-controller.yaml - ``` + ``` 1. Delete the namespace: ``` From 6c3b067685dca7a8feb77d80235ee863546a27b3 Mon Sep 17 00:00:00 2001 From: Luca Comellini Date: Tue, 2 Aug 2022 09:02:34 -0700 Subject: [PATCH 3/3] Update docs/manual-installation.md Co-authored-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com> --- docs/manual-installation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/manual-installation.md b/docs/manual-installation.md index ee36ba4e..05e98c0e 100644 --- a/docs/manual-installation.md +++ b/docs/manual-installation.md @@ -33,4 +33,4 @@ This will deploy the operator in the `nginx-ingress-operator-system` namespace. In order to deploy NGINX Ingress Controller instances into OpenShift environments, a new SCC is required to be created on the cluster which will be used to bind the specific required capabilities to the NGINX Ingress service account(s). To do so, please run the following command (assuming you are logged in with administrator access to the cluster): -`kubectl -f https://raw.githubusercontent.com//nginxinc/nginx-ingress-helm-operator/v1.1.0/resources/scc.yaml` +`kubectl -f https://raw.githubusercontent.com/nginxinc/nginx-ingress-helm-operator/v1.1.0/resources/scc.yaml`