Hi @rubans
Apologies for your struggles, read this and wanted to use this as a learning experience for myself.
I am certainly not a K8s expert etc. but I got the ngnix-ingress controller to work just fine on GKE, I am sure I am missing some nuances somewhere.
Where is How I got GKE + ECK + ngnix-ingress-controller + TLS working.
This is what I did after a created a Vanilla GKE cluster
Of course I did all the role binding stuff etc.. etc..
I am using ECK so I applied that...
kubectl apply -f https://download.elastic.co/downloads/eck/1.4.0/all-in-one.yaml
Then per here I applied
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.44.0/deploy/static/provider/cloud/deploy.yaml
I created a cert, dns etc... etc..
Then I I applied this
kubectl apply -f es-kb-ingress.yaml
This is es-kb-ingress.yaml
apiVersion: elasticsearch.k8s.elastic.co/v1beta1
kind: Elasticsearch
metadata:
name: d3m0
spec:
version: 7.11.1
nodeSets:
- name: default
count: 3
config:
node.store.allow_mmap: false
---
apiVersion: kibana.k8s.elastic.co/v1beta1
kind: Kibana
metadata:
name: d3m0
spec:
version: 7.11.1
count: 1
elasticsearchRef:
name: d3m0
http:
tls:
selfSignedCertificate:
disabled: true
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: kibana-ingress
annotations:
kubernetes.io/ingress.class: nginx
spec:
tls:
- hosts:
- kib.mydomain.net
# Assumes Realcert with above host in it
secretName: my-kb-cert
rules:
- host: kib.mydomain.net
http:
paths:
- path: /
backend:
serviceName: d3m0-kb-http
servicePort: 5601
And this is what I got a nice secured stack from an ingress perspective (I would secure the back end as well)
Perhaps give it a try...
I suspect I am missing something, you asked for default... hmmm I will try that next