2

I have a kubernetes cluster created. According to security policies in the company, I need to have first an application gateway WAF in front that hits the cluster (which has a public IP). And as an ingress controller for this cluster I need to configure a Nginx ingress controller (also has a public IP). How can I connect or point the waf to the ingress controller? Is this possible to be done?

Thanks!

Chanafot
  • 736
  • 4
  • 22
  • 46
  • Unlike Azure Load balancer, you don't need to create Nginx Ingress controller with Application gateway. You need to configure Application Gateway Ingress Controller as mentioned in this documentation: https://github.com/Azure/application-gateway-kubernetes-ingress – msrini-MSIT Oct 07 '19 at 04:41
  • 1
    yeap...problem is that we already used AGIC. unfortunately is in BETA and is not working propertly yet . Bug was found and microsoft is working on a new release to solve it. 0.9.0 is lattest. – Chanafot Oct 07 '19 at 12:44
  • It has been sometime that you asked this question. Can you share the solution and your experience with it? – pune06 May 13 '20 at 08:03
  • I didn´t solve it, I used what was documented in the link shared here: https://github.com/Azure/application-gateway-kubernetes-ingress – Chanafot May 18 '20 at 20:44

1 Answers1

2

Native support for Nginx ingress controller is with a load balancer and not with app gateway. One possible approach is to create a nginx ingress controller loadbalancer as private using this link docs.

Now add this private Ip of load balancer as the backend pool of app gateway and now your app gateway should start serving the traffic from aks cluster.

The App gateway ingress controller as suggested by another comment is GA now but still is buggy. It takes time to update the backend pools on deploying new pods.

pune06
  • 123
  • 2
  • 10