Using ingress-nginx on Kubernetes makes adding CORS headers painless. Kubernetes ingress-nginx uses annotations as a quick way to allow you to specify the automatic generation of an extensive list of common nginx configuration options.
apiVersion: extensions/v1beta1 kind: Ingress metadata: name: api namespace: fuse labels: app: api annotations: nginx.ingress.kubernetes.io/enable-cors: "true" nginx.ingress.kubernetes.io/cors-allow-methods: "PUT, GET, POST, OPTIONS" nginx.ingress.kubernetes.io/cors-allow-origin: "https://admin.example.com" nginx.ingress.kubernetes.io/cors-allow-credentials: "true" spec: rules: - host: api.example.com http: paths: - backend: serviceName: api-example servicePort: 80 path: /api tls: - hosts: - api.example.com secretName: example-tls
You can check the nginx configuration file generated by Kubernetes ingress-nginx on any of the ingress controller pods.
If you set up the standard Kubernetes ingress-nginx on your cluster, you should have one or more controller pods running in the ingress-nginx namespace.
kubectl get pods -n ingress-nginx NAME READY STATUS RESTARTS AGE default-http-backend-5c6d95c48-xvs55 1/1 Running 0 26d nginx-ingress-controller-f5676dc7-5ks6q 1/1 Running 0 26d nginx-ingress-controller-f5676dc7-cjl6l 1/1 Running 0 26d nginx-ingress-controller-f5676dc7-kthxn 1/1 Running 0 26d nginx-ingress-controller-f5676dc7-rvhbv 1/1 Running 0 26d
Pick a controller and
cat the nginx configuration:
# pipe the config to less or your favorite text reader kubectl exec -n ingress-nginx \ nginx-ingress-controller-f5676dc7-kthxn \ cat /etc/nginx/nginx.conf | less
You can see that ingress-nginx created some header directives for nginx:
... more_set_headers 'Access-Control-Allow-Credentials: true'; ...
Port Forwarding / Local Development
Check out kubefwd for a simple command line utility that bulk forwards services of one or more namespaces to your local workstation.
If you found this article useful, you may want to check out all my articles on Kubernetes, used to build on the Production Hobby Cluster. PHC an excellent environment for developing and testing cloud-native microservices like txToken. While using Minikube or similar environments for testing and developing cloud-native microservices, I find it a much better experience to use a more true-to-production cluster like PHC.
If in a few days you find yourself setting up a Production Hobby Cluster in Japan or Germany on Linode, and another two in Australia and France on vultr, then you may have just joined the PHC (Performance Hobby Clusters) club. Some people tinker late at night on their truck, we benchmark and test the resilience of node failures on our overseas, budget kubernetes clusters. It’s all about going big, on the cheap.
CORS on Kubernetes Ingress Nginx: Painless CORS header configuration in Kubernetes by Craig Johnston is licensed under a Creative Commons Attribution 4.0 International License.