6. K8s Ingress

Routing Rules

Forward Request to internal service

Host

• must be valid domain address

• map domain name to node's ip address, which is the entrypoint

Configuration in Cluster

• We need an implementation for ingress which is an ingress controler

• It is a pod which runs on a node inside the cluster which should be installed

• Many third party implementations are present but one of K8 is K8s Nginx Ingress Controller

• Environment should be considered on which cluster is running

  • AWS, Google Cloud, etc Docs

    • One common reccommended practice for clouds is
  • On BareMetal Environment Docs

    • Manually configure entry point and load balancer

    • Many solutions but one commonly used is proxy server

Ingress Controller on Minikube

It automatically starts K8 Nginx implementation of Ingress Controller

minikube addons enable ingress

To verify

kubectl get pod -n kube-system

Config Methods

Method 1

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: dashboard-ingress
spec:
  rules:
  # Method 1
  - host: dashboard.com
    http:
      paths:
      - path: /analytics
        backend:
          serviceName: analytics-dashboard
          servicePort: 80
      - path: /shopping
        backend:
          serviceName: shopping-dashboard
          servicePort: 8080

Method 2

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: dashboard-ingress
spec:
  rules:
  # Method 2
    - host: analytics.myapp.com
      http:
        paths:
          backend:
            serviceName: analytics-service
            servicePort: 3000
    - host: shopping.myapp.com
      http:
        paths:
          backend:
            serviceName: shopping-service
            servicePort: 8080

Configuring TLS Certificate

1. Data keys need to be tls.crt and tls.key

2. Values are file content NOT file paths/locations

3. Secret components must be in same namespace as the ingress component.