This message was deleted Rancher Users #rke2

Join Slack

This message was deleted.

# rke2

adamant-kite-43734

03/27/2023, 12:33 PM

This message was deleted.

refined-analyst-8898

03/27/2023, 12:33 PM

Copy code

$ k get daemonsets.apps rke2-ingress-nginx-controller \
    --namespace kube-system \
    --output go-template='{{ range ((index .spec.template.spec.containers 0).args) }}{{.}}{{"\n"}}{{end}}'
/nginx-ingress-controller
--election-id=ingress-controller-leader
--controller-class=<http://k8s.io/ingress-nginx|k8s.io/ingress-nginx>
--ingress-class=nginx
--configmap=$(POD_NAMESPACE)/rke2-ingress-nginx-controller
--validating-webhook=:8443
--validating-webhook-certificate=/usr/local/certificates/cert
--validating-webhook-key=/usr/local/certificates/key
--watch-ingress-without-class=true

$ k patch daemonsets.apps "rke2-ingress-nginx-controller" \
            --namespace kube-system \
            --type json \
            --patch '[{"op": "add",
                "path": "/spec/template/spec/containers/0/args/-",
                "value":"--enable-ssl-passthrough"
            }]'
daemonset.apps/rke2-ingress-nginx-controller patched

$ k get daemonsets.apps rke2-ingress-nginx-controller \
    --namespace kube-system \
    --output go-template='{{ range ((index .spec.template.spec.containers 0).args) }}{{.}}{{"\n"}}{{end}}'
/nginx-ingress-controller
--election-id=ingress-controller-leader
--controller-class=<http://k8s.io/ingress-nginx|k8s.io/ingress-nginx>
--ingress-class=nginx
--configmap=$(POD_NAMESPACE)/rke2-ingress-nginx-controller
--validating-webhook=:8443
--validating-webhook-certificate=/usr/local/certificates/cert
--validating-webhook-key=/usr/local/certificates/key
--watch-ingress-without-class=true
--enable-ssl-passthrough

careful-mouse-42236

03/27/2023, 12:57 PM

I'm used to install RKE2 without NGINX Ingress Controller then install & manage it in a GitOps way with the officiel Helm chart (https://kubernetes.github.io/ingress-nginx/). It works fine. I use chart parameters to configure it, like

<http://nginx.ingress.kubernetes.io/ssl-passthrough|nginx.ingress.kubernetes.io/ssl-passthrough>

refined-analyst-8898

03/27/2023, 1:29 PM

Now I see that this appears to be viable as well.

Copy code

---
apiVersion: <http://helm.cattle.io/v1|helm.cattle.io/v1>
kind: HelmChartConfig
metadata:
  name: rke2-ingress-nginx
  namespace: kube-system
spec:
  valuesContent: |-
    controller:
      extraArgs:
        enable-ssl-passthrough: true

👍 1

refined-analyst-8898

03/27/2023, 2:35 PM

I confirmed that applying the above manifest in namespace

kube-system

re-added the extra arg to the daemonset deployment.

102 Views

Open in Slack

Previous Next