Ingress for subdomains


I have a wildcard CNAME record for *.
I would like to point the subdomain to different deployment/pod/services.

My expectation is that when a user enters the URL it would redirect all traffic to that service. Currently it always redirects to the Rancher UI.
I can reach the service (xxx://servername/api/v1/namespaces/lab/services/http:service:80), but setting up an ingress to point to that service (“service” > port 80) does nothing.

I have tried Global DNS, External Names, and LoadBalancer; everything redirects to the Rancher UI.

Any suggestions how I might achieve this?


I have 11 nodes in my cluster and I have them set up as follows. Maybe this will help.

I have rancher1-rancher3 running HA RKE2 running Rancher, and let’s call my domain name “mydomain.blah” because why not. When I set it up I set a DNS entry for rancher-ui to point to rancher1, then set up RKE2 on rancher1, then set it up on 2 & 3 with the server line in config.yaml pointing to rancher-ui. Then I modified DNS so rancher-ui points to all three IP addresses. I can now access the Rancher UI from rancher-ui and it might hit any of the three. I can also do the same with kubectl since I set the server line in ~/.kube/config to point to rancher-ui. When I set up Rancher via Helm, it set an ingress for rancher-ui.mydomain.blah.

For my downstream cluster, I set up RKE2 with three nodes as control plane & etcd (control1-3) and 5 nodes as worker (worker1-5). The time I did it from the Rancher UI I just did it and ignored the control-all DNS that points to all three, but the time I set up RKE2 manually I had to do the same as above, setting it to control1 first and then setting control-all in config.yaml on the others and then adding it back. This config will also put an nginx-ingress-controller DaemonSet deployed across the five worker nodes. I have an external HAProxy set up to forward traffic from 80 to round robin to 80 on all five worker nodes, and ditto with 443, and I have a wildcard DNS *.kubhost.mydomain.blah set there. I can now set up arbitrary services in the Rancher UI and then set up an ingress pointing to any host and it’ll go there. For example, I set up the default Rancher Monitoring app with Prometheus & Grafana and then set an ingress so grafana-monitoring.kubhost.mydomain.blah was pointed to the Grafana web port. I could now go to grafana-monitoring.kubhost.mydomain.blah in my browser and get to the monitoring app.

I’m guessing you did a single-node Rancher install, maybe the Docker install, and it probably has a really permissive ingress. You should be able to do a kubectl edit ingress rancher --namespace cattle-system or something similar on your local cluster to be able to edit the ingress. At that point, if you give it a single hostname under your subdomain for Rancher alone, then Rancher won’t show up on the rest and you should be able to set up an ingress for your other services.
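
Added example, not part of either post: a small Python audit that shows which Ingress rules claim a given hostname, so a permissive (host-less) rule like the one suspected above is easy to spot before and after pinning Rancher to one hostname. The objects are constructed in the shape of `kubectl get ingress -A -o json` items; the ingress names come from the thread, while "app.mydomain.blah" and the precedence order (exact, then wildcard, then catch-all) are assumptions.

```python
# Added example: which Ingress rules claim a hostname, most specific first.
RANK = {"exact": 0, "wildcard": 1, "catch-all": 2}

def host_matches(rule_host, hostname):
    """Kubernetes Ingress host matching; returns the match kind or None."""
    if not rule_host:                      # rule without a host applies to every hostname
        return "catch-all"
    if rule_host == hostname:
        return "exact"
    if rule_host.startswith("*."):         # wildcard covers exactly one extra DNS label
        suffix = rule_host[1:]
        label = hostname[:-len(suffix)] if hostname.endswith(suffix) else ""
        if label and "." not in label:
            return "wildcard"
    return None

def candidates(ingresses, hostname):
    """Return sorted [(match_kind, 'namespace/name')] for every Ingress claiming hostname."""
    found = set()
    for ing in ingresses:
        ident = f'{ing["metadata"]["namespace"]}/{ing["metadata"]["name"]}'
        spec = ing.get("spec", {})
        if "defaultBackend" in spec:       # spec-level default backend is also a catch-all
            found.add(("catch-all", ident))
        for rule in spec.get("rules") or []:
            kind = host_matches(rule.get("host"), hostname)
            if kind:
                found.add((kind, ident))
    # Assumption: the controller prefers exact over wildcard over catch-all.
    return sorted(found, key=lambda c: (RANK[c[0]], c[1]))

def _ing(namespace, name, *hosts):
    """Build a minimal constructed Ingress object (shape of `kubectl get ingress -o json` items)."""
    rules = [{"host": h} if h else {} for h in hosts]
    return {"metadata": {"namespace": namespace, "name": name}, "spec": {"rules": rules}}

# Constructed sample data; "app.mydomain.blah" is a hypothetical hostname.
BEFORE = [_ing("cattle-system", "rancher", None), _ing("lab", "service", "app.mydomain.blah")]
AFTER = [_ing("cattle-system", "rancher", "rancher-ui.mydomain.blah"),
         _ing("lab", "service", "app.mydomain.blah")]

if __name__ == "__main__":
    for label, data in (("before", BEFORE), ("after", AFTER)):
        for host in ("app.mydomain.blah", "other.mydomain.blah"):
            print(label, host, candidates(data, host))
```

Any ingress reported as "catch-all" answers for every hostname that no more specific rule claims, which is why unrelated subdomains can land on the same UI.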