Kubernetes Ingress is a resource to add rules for routing traffic from external sources to the services in the kubernetes cluster.
In this Kubernetes ingress tutorial series, you will learn the concept of ingress resource and ingress controllers used for routing external traffic to Kubernetes deployments. Also, we will cover advanced ingress routing using ISTIO ingress service gateway.
Generally, a custom Nginx or an HAproxy kubernetes deployment will be exposed as a service for proxying external traffic to internal cluster services, where the routing rules will be baked into the pod and added as a configmap. Kubenetes ingress acts in a similar way except the routing rules will be maintained as Kubernetes ingress object. It has a huge advantage of dynamic routing rule configuration without redeploying the proxy pods.
Kubernetes Ingress Tutorial
To get started, you need to understand two key things.
- Kubernetes Ingress
- Kubernetes Ingress Controller.
Lets have a look at each one these concepts.
Kubernetes Ingress is a native kubernetes resource where you can have rules to route traffic from an external source to service endpoints residing inside the cluster. It requires an ingress controller for routing the rules specified in the ingress object. An ingress object looks like the following.
apiVersion: extensions/v1beta1 kind: Ingress metadata: name: test-ingress namespace: dev spec: rules: - host: test.apps.example.com http: paths: - backend: serviceName: hello-service servicePort: 80
The above declaration means, all calls to
test.apps.example.com should hit the service named
hello-service residing in the dev namespace.
Key things to understand about ingress object.
- You should create ingress rules in the same namespace where you have the services deployed. You cannot route traffic to a service in a different namespace where you don’t have the ingress object.
- An ingress object requires an ingress controller for routing traffic.
- External traffic will not hit the ingress API, instead, it will hit the ingress controller service
Kubernetes Ingress Controller
Ingress controller is typically a proxy service deployed in the cluster. It is nothing but a kubernetes deployment exposed to a service. Following are the ingress controllers available for kubernetes.
Generally, Nginx is widely used as an ingress controller. Here is how an Nginx ingress controller works.
- The nginx.conf file inside the Nginx controller pod is a go template which can talk to Kubernetes ingress API and get the latest values for traffic routing in real time.
- The Nginx controller talks to Kubernetes ingress API to check if there is any rule created for traffic routing.
- If it finds any ingress rules, it will be applied to the Nginx controller configuration, that is a
nginx.conffile inside the pod using the go template.
If you connect to the pod using exec and check the
/etc/nginx/nginx.conf file, you can see all the rules specified in the ingress object applied in the conf file.
Here is the architecture diagram which explains the ingress setup on a kubernetes cluster.
In this tutorial series, we will look into all types of ingress solutions supported by Kubernetes.
Here is the list of kubernetes Ingress setup tutorials.