Adding an additional ingress controller to an ARO cluster
This content is authored by Red Hat experts, but has not yet been tested on every supported configuration.
Prerequisites
- an Azure Red Hat OpenShift cluster
- a DNS zone that you can easily modify
Get Started
Create some environment variables
Create a certificate for the ingress controller
Create a secret for the certificate
Create an ingress controller
NOTE: By default the ingress controller is created with
externalscope. This means that the corresponding Azure Load Balancer will have a public frontend IP. If you wish to deploy a privately visible ingress controller add the following lines to thespec:spec: ... endpointPublishingStrategy: loadBalancer: scope: Internal type: LoadBalancerService ...Wait a few moments then get the
EXTERNAL-IPof the new ingress controllerIn case of an Externally (publicly) scoped ingress controller the output should look like:
In case of an Internal (private) one:
Optionally verify in the Azure portal or using CLI that the Load Balancer Service has gotten the new Frontend IP and two Load Balancing Rules - one for port 80 and another one for port 443. In case of an Internally scoped Ingress Controller the changes are to be observed within the Load Balancer that has the
-internalsuffix.Create a wildcard DNS record pointing at the
EXTERNAL-IPTest that the Ingress is working
NOTE: For the Internal ingress controller, make sure that the test host has the necessary reachability to the VPC/subnet as well as the DNS resolver. Create a new project to deploy an application to
Create a new application
Expose
Verify it works
