All About Kubernetes Ingress: A Beginner's Guide to Ingress Basics
Introduction
Kubernetes is an open-source orchestration system aimed at automating deployment, scaling, and managing operations of application containers across clusters of hosts. And Ingress resources and controllers in Kubernetes help us to manage the HTTP access to our cluster.
Need of Ingress
Even though the service provides the feature of exposing the link to the external world using features like Node Port and Load Balance. But it has still the problem mainly in managing the load on service.
As Many clients have come from the virtual machine and migrated to Kubernetes, they face the problem in load balancing as they came from virtual machines which have enterprise-level load balancing tools like Nginx, and Traefik and they provide the different types of load balancing. Some of the features of load balancing are ratio-based load balancing, sticky session, path-based, and many other advanced load balancing features. But in Kubernetes, they only get a very minimal feature of load balancing working in the Round Robin technique.
They also need to create many load balancer types services for each service they will get charged by the cloud provider which leads to an increase in cloud billing. This problem leads to the birth of ingress.
About Ingress
Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Traffic routing is controlled by rules defined on the Ingress resource.
Ingress provides externally available URLs, performs load balancing, terminates SSL/TLS, and offers name-based virtual hosting.
Ingress balances the load coming outside the cluster to the services based on the ingress resources.
The above fig taken from the Kubernetes documentation explains about the ingress. Here in the fig, we can see the ingress which is inside the cluster manages the incoming traffic according to the routing rule and send it to the respective service.
With Ingress, we can define a single point of entry for external traffic to our cluster. It acts as an API gateway or a reverse proxy, intelligently routing requests to the appropriate services based on specified rules. In this way, it also solves the problem of accessing billing of cloud providers.
Ingress consists of two main components.
Ingress Resources and
Ingress Controller
We have to create ingress Resouces based on our needs while different load balancer company have their own ingress controller. We just need to configure it in our cluster. Without an ingress controller, only ingress resources will not work.
Ingress Resources
The Ingress resource is a Kubernetes object that defines the rules and configuration for traffic routing. The Ingress resource consists of a set of rules, each specifying a host, paths, and backend services to route traffic.
We can have different types of load balancing supported by ingress.
Here is the ingress configuration file of one of its type:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: my-ingress
spec:
rules:
- host: example.com
http:
paths:
- path: /app1
pathType: Prefix
backend:
service:
name: service1
port:
number: 80
- path: /app2
pathType: Prefix
backend:
service:
name: service2
port:
number: 80
This Ingress resource defines the rules for routing incoming traffic to two different backend services (service1
and service2
) based on the requested URL paths.
metadata
name: my-ingress
: Specifies the name of the Ingress resource, which is set as my-ingress
.
host:
example.com
: Specifies the host to match incoming requests. Requests with the host example.com
will be processed by this Ingress resource. and
paths
: Contains a list of path-based routing rules.
Requests with the path /app1
will be routed to the backend service service1
at port 80 and the
Requests with the path /app2
will be routed to the backend service service2
at port 80.
This is one of the types of load balancing supported by the ingress known as round-robin load balancing.
We have various types among them Hostname wildcard is also the important one. They enable us to define routing rules for multiple subdomains or hosts using a single wildcard character. A hostname wildcard is represented by an asterisk (*
). This allows us to create dynamic routing rules without defining each subdomain individually.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: wildcard-ingress
spec:
rules:
- host: "*.example.com"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: backend-service
port:
number: 80
Suppose we have a domain called example.com
and with a wildcard rule, any subdomain under example.com
will match the rule. For example, sub1.example.com
, sub2.example.com
, and app.example.com
will all be routed based on this wildcard rule.
Ingress Controller
The Ingress Controller acts as a centralized entry point for external traffic and manages the routing and load balancing of incoming requests. It also handles SSL/TLS termination for secure communication.
The Services within the cluster are associated with the Ingress Controller. The Ingress Controller reads the defined rules and routes the incoming requests to the appropriate Service based on criteria such as URL paths, hostnames, or headers.
When an external request comes in, it first reaches the Ingress Controller, which evaluates the defined rules and determines the appropriate destination service based on the request's attributes. The Ingress Controller then routes the request to the selected service, performing any necessary load balancing and SSL/TLS termination along the way.
The main roles of the ingress Controller are to:
Receiving and Evaluating Ingress Rules
Load Balancing
SSL/TLS Termination
There are many types of ingress Controller among them NGINX is the most widely used Controller.
Set up Ingress on Minikube with the NGINX Ingress Controller
command minikube addons enable ingress
minikube addons enable ingress
We can deploy the Ingress Controller using the HELM chart and other tools.
Conclusion
Kubernetes Ingress and its associated resources provide a powerful mechanism for managing inbound traffic and routing rules in a Kubernetes cluster. The Ingress resource allows for flexible configuration of routing based on hostnames, paths, and load balancing techniques. Ingress Controllers serve as the implementation of these rules, ensuring traffic is correctly routed to backend services.