Skip to main content

Configure Ingress Networking

Skill Verified Active
Part of:Agent Almanac

Configure Kubernetes Ingress networking with NGINX Ingress Controller, cert-manager for automated TLS certificate management, path-based routing, rate limiting, and multi-domain hosting with SSL termination and load balancing. Use when exposing multiple Kubernetes services via a single load balancer, implementing path-based or host-based routing, automating TLS certificate issuance with Let's Encrypt, or setting up blue-green and canary deployments with traffic splitting.

Purpose

To automate the complex configuration of production-grade Kubernetes Ingress networking, enabling robust multi-service exposure, secure TLS management, and advanced traffic control.

Features

  • Configure NGINX Ingress Controller installation
  • Automate TLS certificate issuance with cert-manager
  • Implement path-based and host-based routing
  • Set up traffic splitting for canary deployments
  • Configure rate limiting and authentication
  • Customize error pages and headers

Use Cases

  • Exposing multiple Kubernetes services via a single load balancer
  • Implementing path-based or host-based routing for microservices
  • Automating TLS certificate issuance and renewal with Let's Encrypt
  • Setting up blue-green or canary deployments with traffic splitting

Non-Goals

  • Managing the underlying Kubernetes cluster infrastructure
  • Configuring application-specific logic beyond network exposure
  • Providing a fully automated, zero-configuration solution (user input required for specifics like DNS and credentials)

Workflow

  1. Install NGINX Ingress Controller
  2. Install cert-manager for Automated TLS
  3. Create Basic Ingress with TLS
  4. Implement Advanced Routing and Load Balancing
  5. Configure Rate Limiting and Authentication
  6. Implement Custom Error Pages and Request Modification

Practices

  • DevOps
  • Kubernetes Management
  • Network Configuration

Prerequisites

  • Kubernetes cluster with LoadBalancer support or MetalLB
  • DNS records pointing to cluster LoadBalancer IP
  • kubectl and Helm installed

Documentation

  • info:Configuration & parameter referenceWhile the procedure details commands and configurations, specific defaults for Helm installations and annotations are not explicitly listed.

Code Execution

  • info:ValidationInput validation relies on Kubernetes and Helm's own validation mechanisms. Explicit schema validation for arguments like `email` or `hostedZoneID` is not detailed.

Execution

  • info:Pinned dependenciesThe skill relies on system tools like `kubectl` and `helm` which should ideally be pinned, but this is not explicitly declared in the SKILL.md.

Installation

/plugin install agent-almanac@pjt222-agent-almanac

Quality Score

Verified
95 /100
Analyzed about 21 hours ago

Trust Signals

Last commit1 day ago
GitHub owner pjt222 (opens in new tab)
Stars14
Downloads 308 (opens in new tab)
LicenseMIT
Websitepjt222.github.io(opens in new tab)
Status
View Source

Similar Extensions

K8s Manifest Generator

100

Create production-ready Kubernetes manifests for Deployments, Services, ConfigMaps, and Secrets following best practices and security standards. Use when generating Kubernetes YAML manifests, creating K8s resources, or implementing production-grade Kubernetes configurations.

Skill
wshobson

Setup Container Registry

99

Configure container image registries including GitHub Container Registry (ghcr.io), Docker Hub, and Harbor with automated image scanning, tagging strategies, retention policies, and CI/CD integration for secure image distribution. Use when setting up a private container registry, migrating from Docker Hub to self-hosted registries, implementing vulnerability scanning in CI/CD pipelines, managing multi-architecture images, enforcing image signing, or configuring automatic cleanup and retention policies.

Skill
pjt222

Kubernetes Specialist

99

Use when deploying or managing Kubernetes workloads. Invoke to create deployment manifests, configure pod security policies, set up service accounts, define network isolation rules, debug pod crashes, analyze resource limits, inspect container logs, or right-size workloads. Use for Helm charts, RBAC policies, NetworkPolicies, storage configuration, performance optimization, GitOps pipelines, and multi-cluster management.

Skill
jeffallan

Secure Linux Web Hosting

99

Use when setting up, hardening, or reviewing a cloud server for self-hosting, including DNS, SSH, firewalls, Nginx, static-site hosting, reverse-proxying an app, HTTPS with Let's Encrypt or ACME clients, safe HTTP-to-HTTPS redirects, or optional post-launch network tuning such as BBR.

Skill
xixu-me

Mtls Configuration

98

Configure mutual TLS (mTLS) for zero-trust service-to-service communication. Use when implementing zero-trust networking, certificate management, or securing internal service communication.

Skill
wshobson

Configure Reverse Proxy

98

Configure reverse proxy patterns across multiple tools including Nginx, Traefik, and ShinyProxy. Covers WebSocket proxying, path-based and host-based routing, SSL termination, and Docker label auto-discovery. Use when routing multiple services behind a single entry point, proxying WebSocket connections (Shiny, Socket.IO), auto-discovering Docker services with Traefik labels, or adding SSL termination to services that don't handle TLS natively.

Skill
pjt222

© 2025 SkillRepo · Find the right skill, skip the noise.