Ingress in Kubernetes is a resource that allows you to manage external access to your services, typically HTTP. Ingress can provide load balancing, SSL termination, and name-based virtual hosting.
Installing Ingress
Here’s a step-by-step guide on how to install an ingress controller using kubectl -f
:
Create a Namespace for Ingress Controller (Optional):
kubectl create namespace ingress-nginx
Install the Ingress Controller: Download the YAML for the ingress controller and apply it. For example, to install the NGINX ingress controller:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/cloud/deploy.yaml
Verify the Installation: Check that the NGINX ingress controller is running:
kubectl get pods --namespace ingress-nginx
You should see pods with names starting with
nginx-ingress-controller
.
Or We can use Helm to install the ingress contoller,
Add the Ingress NGINX Helm Repository
First, add the ingress-nginx repository and update your Helm repos:
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx helm repo update
Install the NGINX Ingress Controller
Install the NGINX Ingress Controller in the
ingress-nginx
namespace:helm install ingress-nginx ingress-nginx/ingress-nginx --namespace ingress-nginx --create-namespace
Verify the Installation
Check the status of the Ingress Controller pods:
kubectl get pods -n ingress-nginx
You should see output similar to this, showing that the Ingress Controller pods are running:
NAME READY STATUS RESTARTS AGE ingress-nginx-controller-xxxxxxx-xxxxx 1/1 Running 0 1m
Verify the Ingress Class
Ensure that the Ingress Class
nginx
has been created:kubectl get ingressclass
You should see output similar to this:
NAME CONTROLLER PARAMETERS AGE nginx k8s.io/ingress-nginx <none> 1m
Verify the Ingress Controller Service
Check the service created for the Ingress Controller to ensure it's exposing the appropriate ports:
kubectl get svc -n ingress-nginx
You should see output similar to this:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ingress-nginx-controller LoadBalancer 10.96.240.156 <external-ip> 80:31239/TCP,443:30987/TCP 1m ingress-nginx-controller-admission ClusterIP 10.96.191.231 <none> 443/TCP 1m
Create a Basic Ingress Resource
Now, create a basic ingress resource for your frontend and backend services without SSL configuration:
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: combined-ingress namespace: high5 annotations: kubernetes.io/ingress.class: nginx spec: rules: - host: frontkube.metashure.com http: paths: - path: / pathType: Prefix backend: service: name: frontend-service port: number: 80 - host: backkube.metashure.com http: paths: - path: / pathType: Prefix backend: service: name: backend-service port: number: 80
Save this YAML as
combined-ingress.yaml
and apply it:kubectl apply -f combined-ingress.yaml
Verification
Check the Ingress Resource:
kubectl get ingress -n high5
You should see your
combined-ingress
resource listed with the correct details.Verify DNS Resolution:
Ensure your DNS records for
frontkube.metashure.com
andbackkube.metashure.com
are pointing to the external IP of the Ingress Controller.Verify that accessing these URLs in a browser or via
curl
returns the expected responses.
By following these steps, you will have installed the NGINX Ingress Controller and set up a basic ingress resource without SSL configuration.
Types of Ingress
Path-Based Routing: Routes traffic to different services based on the URL path.
Host-Based Routing: Routes traffic to different services based on the domain name (host).
Sample Ingress Resources
Path-Based Routing
This example routes traffic to different services based on the URL path:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: path-based-ingress
namespace: my-namespace
spec:
rules:
- host: example.com
http:
paths:
- path: /app1
pathType: Prefix
backend:
service:
name: app1-service
port:
number: 80
- path: /app2
pathType: Prefix
backend:
service:
name: app2-service
port:
number: 80
Host-Based Routing
This example routes traffic to different services based on the domain name:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: host-based-ingress
namespace: my-namespace
spec:
rules:
- host: app1.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: app1-service
port:
number: 80
- host: app2.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: app2-service
port:
number: 80
Checking the Ingress, Ingress Controller, and Ingress Webhook
Ingress:
kubectl get ingress
Ingress Controller:
kubectl get pods --all-namespaces -l app.kubernetes.io/name=ingress-nginx
Ingress Webhook: The ingress-nginx controller includes a ValidatingWebhookConfiguration resource. To check if it's running:
kubectl get validatingwebhookconfiguration