Ingress in Kubernetes

Ingress in Kubernetes

Ingress in Kubernetes is a resource that allows you to manage external access to your services, typically HTTP. Ingress can provide load balancing, SSL termination, and name-based virtual hosting.

Installing Ingress

Here’s a step-by-step guide on how to install an ingress controller using kubectl -f:

  1. Create a Namespace for Ingress Controller (Optional):

     kubectl create namespace ingress-nginx
    
  2. Install the Ingress Controller: Download the YAML for the ingress controller and apply it. For example, to install the NGINX ingress controller:

     kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/cloud/deploy.yaml
    
  3. Verify the Installation: Check that the NGINX ingress controller is running:

     kubectl get pods --namespace ingress-nginx
    

    You should see pods with names starting with nginx-ingress-controller.

Or We can use Helm to install the ingress contoller,

  1. Add the Ingress NGINX Helm Repository

    First, add the ingress-nginx repository and update your Helm repos:

     helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
     helm repo update
    
  2. Install the NGINX Ingress Controller

    Install the NGINX Ingress Controller in the ingress-nginx namespace:

     helm install ingress-nginx ingress-nginx/ingress-nginx --namespace ingress-nginx --create-namespace
    
  3. Verify the Installation

    Check the status of the Ingress Controller pods:

     kubectl get pods -n ingress-nginx
    

    You should see output similar to this, showing that the Ingress Controller pods are running:

     NAME                                       READY   STATUS    RESTARTS   AGE
     ingress-nginx-controller-xxxxxxx-xxxxx     1/1     Running   0          1m
    
  4. Verify the Ingress Class

    Ensure that the Ingress Class nginx has been created:

     kubectl get ingressclass
    

    You should see output similar to this:

     NAME    CONTROLLER             PARAMETERS   AGE
     nginx   k8s.io/ingress-nginx   <none>       1m
    
  5. Verify the Ingress Controller Service

    Check the service created for the Ingress Controller to ensure it's exposing the appropriate ports:

     kubectl get svc -n ingress-nginx
    

    You should see output similar to this:

     NAME                                 TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)                      AGE
     ingress-nginx-controller             LoadBalancer   10.96.240.156   <external-ip>   80:31239/TCP,443:30987/TCP   1m
     ingress-nginx-controller-admission   ClusterIP      10.96.191.231   <none>          443/TCP                      1m
    
  6. Create a Basic Ingress Resource

    Now, create a basic ingress resource for your frontend and backend services without SSL configuration:

     apiVersion: networking.k8s.io/v1
     kind: Ingress
     metadata:
       name: combined-ingress
       namespace: high5
       annotations:
         kubernetes.io/ingress.class: nginx
     spec:
       rules:
       - host: frontkube.metashure.com
         http:
           paths:
           - path: /
             pathType: Prefix
             backend:
               service:
                 name: frontend-service
                 port:
                   number: 80
       - host: backkube.metashure.com
         http:
           paths:
           - path: /
             pathType: Prefix
             backend:
               service:
                 name: backend-service
                 port:
                   number: 80
    

    Save this YAML as combined-ingress.yaml and apply it:

     kubectl apply -f combined-ingress.yaml
    

    Verification

    1. Check the Ingress Resource:

       kubectl get ingress -n high5
      

      You should see your combined-ingress resource listed with the correct details.

    2. Verify DNS Resolution:

      • Ensure your DNS records for frontkube.metashure.com and backkube.metashure.com are pointing to the external IP of the Ingress Controller.

      • Verify that accessing these URLs in a browser or via curl returns the expected responses.

By following these steps, you will have installed the NGINX Ingress Controller and set up a basic ingress resource without SSL configuration.

Types of Ingress

  1. Path-Based Routing: Routes traffic to different services based on the URL path.

  2. Host-Based Routing: Routes traffic to different services based on the domain name (host).

Sample Ingress Resources

Path-Based Routing

This example routes traffic to different services based on the URL path:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: path-based-ingress
  namespace: my-namespace
spec:
  rules:
  - host: example.com
    http:
      paths:
      - path: /app1
        pathType: Prefix
        backend:
          service:
            name: app1-service
            port:
              number: 80
      - path: /app2
        pathType: Prefix
        backend:
          service:
            name: app2-service
            port:
              number: 80

Host-Based Routing

This example routes traffic to different services based on the domain name:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: host-based-ingress
  namespace: my-namespace
spec:
  rules:
  - host: app1.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: app1-service
            port:
              number: 80
  - host: app2.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: app2-service
            port:
              number: 80

Checking the Ingress, Ingress Controller, and Ingress Webhook

  1. Ingress:

     kubectl get ingress
    
  2. Ingress Controller:

     kubectl get pods --all-namespaces -l app.kubernetes.io/name=ingress-nginx
    
  3. Ingress Webhook: The ingress-nginx controller includes a ValidatingWebhookConfiguration resource. To check if it's running:

     kubectl get validatingwebhookconfiguration