Deploy Nginx-Ingress-Controller

In this tutorial, we will go through the step by step process to deploy an NGINX ingress controller on a Kubernetes cluster.
The vast majority of Kubernetes clusters are used to host containers that process incoming requests from microservices to full web applications. Having these incoming requests come into a central location, then get handed out via services in Kubernetes, is the most secure way to configure a cluster. That central incoming point is an ingress controller.
NGINX is the most popularly used ingress controller for Kubernetes clusters. NGINX has most of the features enterprises are looking for, and will work as an ingress controller for Kubernetes regardless of which cloud, virtualization platform, or Linux operating system your Kubernetes cluster is running on.



  • kubectl is a CLI to connect to the kubernetes cluster from your machine
  • Install Visualstudio IDE Code for better code/configuration editing capabilities
  • All DIGIT services are packaged using helm charts
    Installing Helm
  • DIGIT uses golang (required v1.13.3) automated scripts to deploy the builds onto Kubernetes - Linux or Windows or Mac
  • Git

Install NGINX Ingress Controller

A Kubernetes service account is required to run NGINX as a service within the cluster. The service account needs to have following roles:
  • A cluster role to allow it to get, list, and read the configuration of all services and events. This role could be limited if you were to have multiple ingress controllers installed within the cluster. But in most cases, limiting access for this service account may not be needed.
  • A namespace-specific role to read and update all the ConfigMaps and other items that are specific to the NGINX Ingress controller’s own configuration.
Clone the following DIGIT-DevOps repo (If not already done as part of Infra setup), you may need to install git and then run git clone it to your machine.
git clone -b release
code DIGIT-DevOps/config-as-code/environments/egov-demo-template.yaml
The following configurations should be added to the environment file if they are not already there
replicas: 1
default-backend-service: "egov/nginx"
namespace: egov
cert-issuer: "letsencrypt-prod"
ssl-protocols: "TLSv1.2 TLSv1.3"
ssl-ciphers: "EECDH+CHACHA20:EECDH+AES"
ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1"
repository: egovio/nginx-ingress-controller
tag: "0.26.1"
enabled: true
enabled: false // To enable the service monitor, make sure you have installed the serviceMonitor CRD.
annotations: nlb // for Network Load Balancing (NLB)
enabled: true
enabled: false // To enable prometheus rules, make sure you have deployed prometheus.
email: "<email_id>" // replace with email id to verify the domain
- ""
namespace: egov

To apply this configuration, run the following command:

cd DIGIT-DevOps/deploy-as-code/deployer
go run main.go -c -e egov-demo-template 'nginx-ingress,cert-manager'
All content on this page by eGov Foundation is licensed under a Creative Commons Attribution 4.0 International License.