Ingress Mapping

We recommend starting out with Nginx-ingress controller. More information about Nginx configuration can be found here Ingress Options.

Enable basic auth to ingress

Create a password first (it is important the file generated is called auth)

htpasswd -c auth foo
New password: <bar>
New password:
Re-type new password:
Adding password for user foo

Create the secret in Kubernetes

kubectl create secret generic basic-auth --from-file=auth

Add the following annotation to your ingress map basic basic-auth 'Authentication Required - foo'


If you want to limit access to a service can it be done with the help of whitelisting

kind: Ingress
  name: nginx
  annotations: <IP RANGES>
  - http:
      - path: /
            name: nginx
              number: 80

Running Nexus in Kubernetes with Whitelisting

Not all nodes can pull images from my Nexus

If you encounter issues with nodes that can not pull images, make sure all load-balancer node host IP addresses and is allowed in the whitelist.

  • When a connection is established between a host and one of its pods, the network stack does not use NAT. Instead, a direct link is created between the host IP and the pod IP.
  • is used when node uses the Kubernetes network stack instead of direct connection.

These connections will not use the internet and always be local to the Kubernetes Stack and do not pose a security risk.