I'm installing NGINX Ingress controller using helm chart in AKS Cluster
helm version : v3.14.4 nginx version: nginx/1.25.5 AKS Cluster version : v1.30.9
How im applying using this command
helm upgrade --install ingress-nginx ./ingress-nginx --namespace ingress-nginx --create-namespace
Error: no Namespace with the name "ingress-nginx" found
after that again i run same command then it fail to run ingress-nginx POD
helm upgrade --install ingress-nginx ./ingress-nginx --namespace ingress-nginx --create-namespace
Release "ingress-nginx" has been upgraded. Happy Helming!
NAME: ingress-nginx
LAST DEPLOYED: Tue Mar 18 15:22:15 2025
NAMESPACE: ingress-nginx
STATUS: deployed
REVISION: 3
TEST SUITE: None
$Helm-Chart/prod-replicas$ kubectl get all -n ingress-nginx
NAME READY STATUS RESTARTS AGE
pod/ingress-nginx-controller-854dbd498d-ntmmp 0/1 CrashLoopBackOff 5 (58s ago) 3m57s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ingress-nginx-controller LoadBalancer 10.0.235.128 98.70.240.191 80:31277/TCP,443:31198/TCP 3m57s
service/ingress-nginx-controller-admission ClusterIP 10.0.201.156 <none> 443/TCP 3m57s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/ingress-nginx-controller 0/1 1 0 3m57s
NAME DESIRED CURRENT READY AGE
replicaset.apps/ingress-nginx-controller-854dbd498d 1 1 0 3m57s
here is the Issue/Error im getting i check logs kubectl logs -n ingress-nginx POD-NAME-NGINX-INGRESS
8 09:48:25.250239 7 client_config.go:667] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
I0318 09:48:25.250360 7 main.go:205] "Creating API client" host=":443"
I0318 09:48:25.274256 7 main.go:248] "Running in Kubernetes cluster" major="1" minor="30" git="v1.30.9" state="clean" commit="a87cd6906120a367bf6787420e943103a463acba" platform="linux/amd64"
F0318 09:48:25.275937 7 main.go:89] ✖ the cluster seems to be running with a restrictive Authorization mode and the Ingress controller does not have the required permissions to operate normally
The public IP of my AKS cluster is not pinging, and I don’t know the reason. It has never been reachable via ping since the cluster was created.
Here is my helm chart files
ingress-nginx/
├── charts/ # (Optional) Directory for dependency charts
├── templates/ # Directory for Kubernetes manifest templates
│ ├── clusterrole.yaml
│ ├── clusterrolebinding.yaml
│ ├── configmap.yaml
│ ├── deployment.yaml
│ ├── namespace.yaml
│ ├── role.yaml
│ ├── rolebinding.yaml
│ ├── service.yaml
│ ├── serviceaccount.yaml
├── .helmignore # File to specify files to ignore when packaging the chart
├── Chart.yaml # Metadata about the chart (name, version, etc.)
├── values.yaml # Default configuration values for the chart
Here is value.yaml
# values.yaml
namespace:
name: ingress-nginx
serviceAccount:
controller:
name: ingress-nginx
admission:
name: ingress-nginx-admission
rbac:
role:
name: ingress-nginx
clusterRole:
name: ingress-nginx
roleBinding:
name: ingress-nginx
clusterRoleBinding:
name: ingress-nginx
configMap:
name: ingress-nginx-controller
data:
"allow-snippet-annotations": "true"
service:
controller:
name: ingress-nginx-controller
type: LoadBalancer
loadBalancerIP: "98.70.240.191"
ports:
http: 80
https: 443
admission:
name: ingress-nginx-controller-admission
type: ClusterIP
ports:
https-webhook: 443
deployment:
name: ingress-nginx-controller
image:
repository: k8s.gcr.io/ingress-nginx/controller
tag: v1.12.0
pullPolicy: IfNotPresent
resources:
requests:
cpu: "100m"
memory: "90Mi"
securityContext:
runAsUser: 101
capabilities:
add: ["NET_BIND_SERVICE"]
drop: ["ALL"]
job:
admission:
create:
name: ingress-nginx-admission-create
image:
repository: k8s.gcr.io/ingress-nginx/kube-webhook-certgen
tag: v1.1.1
pullPolicy: IfNotPresent
patch:
name: ingress-nginx-admission-patch
image:
repository: k8s.gcr.io/ingress-nginx/kube-webhook-certgen
tag: v1.1.1
pullPolicy: IfNotPresent
ingressClass:
name: nginx
validatingWebhookConfiguration:
name: ingress-nginx-admission
I've stored all my Ingress-NGINX Helm chart files in a public GitHub repository: