Contact UsTry it for free
© 2026 Direct Cursus Technology L.L.C.

Installing Ingress NGINX

Written by
Improved by
Updated at January 26, 2026

Ingress NGINX is an ingress controller for NGINX that balances the load between WebSocket, gRPC, TCP, or UDP applications. Ingress NGINX is installed in a Managed Service for Kubernetes cluster and is set up using the Kubernetes ConfigMap and Ingress objects, including its annotations.

Getting started

  1. If you do not have the Yandex Cloud CLI installed yet, install and initialize it.

    By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.

  2. Make sure the security groups for the Managed Service for Kubernetes cluster and its node groups are configured correctly. If a rule is missing, add it.

    Warning

    The configuration of security groups determines performance and availability of the cluster and the services and applications running in it.

Installation from Yandex Cloud Marketplace

  1. Navigate to the folder dashboard and select Managed Service for Kubernetes.

  2. Click the cluster name and select the Marketplace tab.

  3. Under Application available for installation, select Ingress NGINX and click Go to install.

  4. Configure the application:

    • Namespace: Create a new namespace, e.g., ingress-nginx-space. If you leave the default namespace, Ingress NGINX may work incorrectly.

    • Application name: Specify the application name.

    • Number of controller replicas: Set the number of ingress controller replicas to improve fault tolerance. If only one replica is used, then, in case of its failure, the applications deployed using the ingress controller will become unavailable.

      The default value is 1.

    • Controller IP address: Specify a reserved IP address. You can reserve it using Yandex Virtual Private Cloud.

      If you do not fill in the field, the ingress controller will get a dynamic IP address.

    • Traffic management policy: Select a policy for external traffic management. It matches the externalTrafficPolicy parameter in the Kubernetes specifications. The possible values are:

      • Cluster: Traffic is routed to different Kubernetes nodes (default). As a result, traffic is distributed evenly; however, there are certain drawbacks:

        • The packet may come to one node's proxy and get rerouted to another node leading to delays in performing operations and sending packets.
        • The pod that receives the packet sees the IP address of the proxying node rather than the one of the client. As a result, the client IP address is not preserved.

      • Local: Traffic is proxied and distributed across pods on the same node. The traffic is routed to the node via the port specified in the Kubernetes Service object of the LoadBalancer or NodePort type.

        The traffic comes to a specific node, so it is distributed unevenly across nodes; however, the client IP address is preserved.

      For more information about policies for external traffic management, see this Kubernetes guide.

  5. Click Install.

  6. Wait for the application to change its status to Deployed.

Installation using a Helm chart

  1. Install Helm v3.8.0 or higher.

  2. Install kubect and configure it to work with the new cluster.

  3. To install a Helm chart with an NGINX Ingress controller, run this command:

    helm pull oci://cr.yandex/yc-marketplace/yandex-cloud/ingress-nginx/chart/ingress-nginx \
   --version 4.13.0 \
   --untar && \
helm install \
   --namespace <namespace> \
   --create-namespace \
   ingress-nginx ./ingress-nginx/

    If you set namespace to the default namespace, Ingress NGINX may work incorrectly. We recommend specifying a value different from all the existing namespaces, e.g., ingress-nginx-space.

    Note

    If you are using a Helm version below 3.8.0, add the export HELM_EXPERIMENTAL_OCI=1 && \ string at the beginning of the command to enable Open Container Initiative (OCI) support in the Helm client.

Use cases

See also

Previous
Installing HashiCorp Vault
Next
Installing an Application Load Balancer ingress controller