IT 3300 : Virtualization

Kubernetes Ingress

Ingress

This is another way to get traffic to your cluster. To understand, let's review the other ways of getting traffic to the cluster

Cluster IP

  • No external access
  • only accessible inside the cluster from the cluster IP address that is generated
  • unless you run kubectl proxy --port=8080
  • Only useful for debugging, local dev, allowing internal traffic. NOT for production

Node Port

The most primitive way of getting traffic to your service.

  • opens a specific port number on all your nodes
  • only one service per port
  • can only use port numbers 30000-32767
  • if node ip address changes, you have to deal with that
  • shouldn't use in production, useful for soemthing temporary

Load Balancer

The standard way to expose a service to the internet.

  • only works correctly on cloud provider. Gives you a single ip address to forward traffic to
  • can send all types of traffic to is (HTTP, TCP, UDP, etc...)
  • The big downside is that each service you expose with a LoadBalancer will get its own IP address, and you have to pay for a LoadBalancer per exposed service, which can get expensive

Ingress

Acts as an entrypoint into your cluster. The default GKE ingress controller will spin up a HTTP(S) Load Balancer for you. This will let you do both path based and subdomain based routing to backend services.

  • can become complicated
  • many to choose from
  • plugins that can provision ssl
  • Ingress is the most useful if you want to expose multiple services under the same IP address
  • You must microk8s enable ingress, then you can apply the yaml on the following page.

Ingress example yaml

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: ingress-stuff
    spec:
      ingressClassName: nginx
      rules:
        - http:
            paths:
              - path: /
                pathType: Prefix
                backend:
                  service:
                    name: frontend-service
                    port:
                      number: 80

Ingress example for sentiment

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: ingress-stuff
    spec:
      ingressClassName: nginx
      rules:
        - http:
            paths:
              #I don't have to use /s. I could use /
              - path: /
                pathType: Prefix
                backend:
                  service:
                    name: sa-frontend-lb
                    port:
                      number: 80
              - path: /sentiment
                pathType: Prefix
                backend:
                  service:
                    name: sa-web-app-lb
                    port:
                      number: 80

Ingress example yaml