NGINX Ingress Controller with Standalone Network Endpoint Group (NEG)

ingress-nginx-standalone-neg.sh

#!/usr/bin/env bash
#
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Disclaimer: This is not an officially supported Google product.

set -euf -o pipefail

INGRESS_NGINX_VERSION=${INGRESS_NGINX_VERSION:-0.32.0}

curl -sSLO "https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-${INGRESS_NGINX_VERSION}/deploy/static/provider/cloud/deploy.yaml"

cat << EOF > patch-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ingress-nginx-controller
  namespace: ingress-nginx
spec:
  replicas: 2
  template:
    spec:
      containers:
      - name: controller
        ports:
        - containerPort: 10254
          name: health
EOF

cat << EOF > patch-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx-controller
  namespace: ingress-nginx
  annotations:
    cloud.google.com/neg: '{"exposed_ports": {"80": {}, "443": {}}}'
spec:
  externalTrafficPolicy: ''
  type: ClusterIP
EOF

cat << EOF > kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- deploy.yaml
patchesStrategicMerge:
- patch-deployment.yaml
- patch-service.yaml
EOF

kubectl apply --kustomize .

echo
echo 'ingress-nginx successfully installed.'
echo
echo 'Read how to add external HTTP(S) load balancing:'
echo 'https://cloud.google.com/kubernetes-engine/docs/how-to/standalone-neg#attach_load_balancers_to_standalone_negs'
echo
echo 'If you have multiple ingress controllers in your cluster, add this'
echo 'annotation to your ingress objects to use ingress-nginx:'
echo '    kubernetes.io/ingress.class: nginx'
echo

Hi, it fails for me with this error:

kubectl apply --kustomize .
W0712 08:58:14.981178  305120 gcp.go:120] WARNING: the gcp auth plugin is deprecated in v1.22+, unavailable in v1.25+; use gcloud instead.
To learn more, consult https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke
namespace/ingress-nginx created
serviceaccount/ingress-nginx created
serviceaccount/ingress-nginx-admission created
role.rbac.authorization.k8s.io/ingress-nginx created
role.rbac.authorization.k8s.io/ingress-nginx-admission created
clusterrole.rbac.authorization.k8s.io/ingress-nginx created
clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission created
rolebinding.rbac.authorization.k8s.io/ingress-nginx created
rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
configmap/ingress-nginx-controller created
service/ingress-nginx-controller created
service/ingress-nginx-controller-admission created
deployment.apps/ingress-nginx-controller created
job.batch/ingress-nginx-admission-create created
job.batch/ingress-nginx-admission-patch created
error: resource mapping not found for name: "ingress-nginx-admission" namespace: "ingress-nginx" from ".": no matches for kind "ValidatingWebhookConfiguration" in ver"
ensure CRDs are installed firs

Running on GCP GKE version 1.22.8-gke.202
INGRESS_NGINX_VERSION=0.32.0

Do you have any advice please? Thank you