Cloud Experts Documentation

Add an Ingress Controller to an OSD GCP Cluster and optionally with a custom domain.

Last edited
Published
Authors
Kevin Collins
Tags: GCP OSD

This content is authored by Red Hat experts, but has not yet been tested on every supported configuration.

Starting with OpenShift 4.14, OSD GCP supports adding additional Ingress Controllers which can use used to configure a custom domain on a OSD GCP cluster without having to use the now deprecated Custom Domain Operator. This guide shows how to add an additional Ingress Controller ( public or private ) to a OSD GCP cluster and optionally also configuring a custom domain.

Prerequisites

  • A Red Hat OpenShift Dedicated on GCP (OSD GCP) cluster, version 4.14 or above
  • The oc CLI #logged in.

Set up environment

  1. Export few environment variables

Important: The variables below can be customized to fit your needs for your ingress controller.

CERT_NAME - this is the name of the tls secret for the domain of your ingress controller. This tls secret must be stored in the openshift-ingress namespace. If you are adding an additional Ingress Controller to the openshiftapps.com domain that comes with OSD GCP, use the name of the secret in the openshift-ingress namespace that has the naming format of (ID)-primary-cert-bundle-secret.

Optional: To create your own certificate, you can use certbot to create one.

The output of this command will show where your certificates are located.

Taking the values from the above command, create a certificate.

SCOPE - this will be the scope of the Network Load Balancer that will be provisioned. The scope can be either Internal for a private network load balancer or External for an Internet facing network load balancer.

Create the Ingress Controller.

Describe the Ingress Controller to confirm it’s ready.

You should see an output that mentions that the ingress controller is Admitted.

Also verify the router pods of the new ingress controller are running

Expected output is two pods in a Running state.

Create a DNS entry for the new domain / network load balancer

Get the NLB environment variables:

Create an A name record in your DNS settings, pointing the domain to the IP address of the newly created public load balancer.

Example: DNS Settings

Test an application.

  1. Create a test applciation in a new namespace.

  2. Expose the test application Service.

    Let’s create a Route to expose the application from outside the cluster, and annotate the Route to give it a new Certificate.

  3. Access the application Route.

    Open your browser to hello.$DOMAIN and you will see a secured web page that displays Hello OpenShift.

View Hello OpenShift

Interested in contributing to these docs?

Collaboration drives progress. Help improve our documentation The Red Hat Way.

GitHub Edit this page
Red Hat logo LinkedIn YouTube Facebook Twitter

Products

Tools

Try, buy & sell

Communicate

About Red Hat

We’re the world’s leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Subscribe to our newsletter, Red Hat Shares

Sign up now © 2023 Red Hat, Inc.