☸️ Kubernetes Q15 / 20

What is an Ingress in Kubernetes?

AI-Powered Answer ✓ Answered

In Kubernetes, an Ingress is an API object that manages external access to the services in a cluster, typically HTTP. It provides HTTP and HTTPS routing to services based on hostnames or URL paths, acting as a powerful layer 7 load balancer.

Core Purpose

Without Ingress, exposing services to the outside world often involves using NodePort or LoadBalancer type services. While functional, NodePort exposes services on a specific port across all nodes, and LoadBalancer provisions a cloud provider's load balancer, which can be costly and less flexible for multiple services. Ingress consolidates external access configuration, offering a single entry point for traffic.

How Ingress Works

An Ingress resource itself doesn't do anything; it's a collection of rules that defines how external traffic should be routed to internal services. To make these rules effective, an Ingress Controller must be running in the cluster. The Ingress Controller is typically a daemon that watches the Kubernetes API server for Ingress resources and configures a load balancer (like NGINX, HAProxy, AWS ALB, GCE L7 Load Balancer, etc.) according to the Ingress rules.

Key Features and Benefits

  • External Access: Provides a way to expose multiple services under a single IP address.
  • Traffic Routing: Allows routing traffic based on hostnames (e.g., app1.example.com vs. app2.example.com) and URL paths (e.g., example.com/api vs. example.com/blog).
  • SSL/TLS Termination: Can terminate SSL/TLS for secure communication, often offloading this task from individual services.
  • Load Balancing: Distributes incoming traffic across multiple instances of a service.
  • Name-Based Virtual Hosting: Supports routing to different services based on the Host header.
  • Simplified Configuration: Centralizes routing rules, making it easier to manage external access for multiple applications.

Example Ingress Configuration

yaml 
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: example-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: myapp.example.com
    http:
      paths:
      - path: /api
        pathType: Prefix
        backend:
          service:
            name: api-service
            port:
              number: 80
      - path: /blog
        pathType: Prefix
        backend:
          service:
            name: blog-service
            port:
              number: 8080

In this example, an Ingress named example-ingress is configured to: - Route requests for myapp.example.com/api to api-service on port 80. - Route requests for myapp.example.com/blog to blog-service on port 8080.

It's important to remember that for this Ingress to function, an Ingress Controller (e.g., NGINX Ingress Controller) must be deployed in the Kubernetes cluster, and the DNS records for myapp.example.com must point to the IP address of the Ingress Controller.

← All Kubernetes questions