【Kubernetes/K8S】 Detailed explanation of Ingress and Nginx

What is Ingress

In Kubernetes, Ingress is an object that allows access to your Kubernetes service from outside the Kubernetes cluster. You can configure access by creating a set of rules that define which inbound connections reach which services.

This allows you to consolidate routing rules into a single resource. For example, you might want to send a request to an api-v1 service in example.com/api/v1/ and request an api-v2 service in example.com/api/v2/. With Ingress, you can easily set it up without having to create a bunch of LoadBalancers or expose each service on Node.js

Kubernetes Ingress, LoadBalancer, NodePort

Both do the same thing. They allow you to request public services from external networks. They allow you to send requests from outside the Kubernetes cluster to services inside the cluster

NodePort

NodePort is the configuration setting you declare in the YAML of the service. Set the service specification type to NodePort. Then, Kubernetes will assign a specific port for the service on each node, and any requests to your cluster on that port will be forwarded to the service

Disadvantages: You don’t know which port your service will be allocated, and the port may be reassigned at some point

LoadBalancer

You can set the service to LoadBalancer and set the same type as NodePort-type. Specify the attributes in the YAML of the service. The cluster needs to have some external load balancer functions, usually implemented by the cloud provider

This usually relies heavily on the cloud provider-GKE creates a network load balancer that contains an IP address that can be used to access the service

Every time you want to expose a service to the outside world, you must create a new LoadBalancer and obtain an IP address

Ingress

NodePort and LoadBalancer allow you to pass the type of service. On the other hand, Ingress is a completely independent resource of your service. You declare, create and destroy it separately from your service

This makes it separate and isolated from the services you want to expose. It can also help you consolidate routing rules into one place

One disadvantage is that you need to configure an ingress controller for your cluster. But it's very simple-in this example, we will use the Nginx ingress controller

How to use Nginx Ingress

Install

1. Deployment configuration Ingress namespace

   kubectl apply -f https://github.com/kubernetes/ingress-nginx/blob/nginx-0.30.0/deploy/static/namespace.yaml

2. Deploy and configure the Ingress controller

Get the official configuration file

$ wget https://github.com/kubernetes/ingress-nginx/blob/nginx-0.30.0/deploy/static/mandatory.yaml

Modify the file (about 212 lines)

This has set up the Nginx ingress controller. Now, we can create an Ingress resource in the Kubernetes cluster and route external requests to our service

Solve domestic network access problems

Create Kubernetes Ingress

First, let's create two services to demonstrate how Ingress routes our requests. We will run two web applications that output slightly different responses

kind: Pod
apiVersion: v1
metadata:
  name: apple-app
  labels:
    app: apple
spec:
  containers:
    -name: apple-app
      image: hashicorp/http-echo
      args:
        -"-text=apple"

---

kind: Service
apiVersion: v1
metadata:
  name: apple-service
spec:
  selector:
    app: apple
  ports:
    -port: 5678 # Default port for image

kind: Pod
apiVersion: v1
metadata:
  name: banana-app
  labels:
    app: banana
spec:
  containers:
    -name: banana-app
      image: hashicorp/http-echo
      args:
        -"-text=banana"

---

kind: Service
apiVersion: v1
metadata:
  name: banana-service
spec:
  selector:
    app: banana
  ports:
    -port: 5678 # Default port for image

Create resources

$ kubectl apply -f apple.yaml
$ kubectl apply -f banana.yaml

Now, declare an Ingress to route/apple the request to the first service and route/banana the request to the second service. View the Ingress field where the rules declares how the request is passed

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: example-ingress
  annotations:
    ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  -http:
      paths:
        -path: /apple
          backend:
            serviceName: apple-service
            servicePort: 5678
        -path: /banana
          backend:
            serviceName: banana-service
            servicePort: 5678

Create Ingress in the cluster

kubectl create -f ingress.yaml

Check if it works

$ curl -kL http://localhost/apple
apple

$ curl -kL http://localhost/banana
banana

$ curl -kL http://localhost/notfound
default backend-404