Ingress: A Gateway to Your Services

Amal KuriakoseAmal Kuriakose
2 min read

Kubernetes Ingress is an API object that acts as a gateway for external traffic to access services within a Kubernetes cluster. Think of it as a traffic cop directing incoming requests to the appropriate destinations based on specific rules.

Key Features and Benefits

  • Load Balancing: Distributes traffic across multiple instances of a service to ensure even utilization and improve performance.

  • SSL Termination: Handles SSL/TLS encryption and decryption, providing secure communication between clients and services.

  • Name-Based Virtual Hosting: Allows multiple services to be exposed on the same IP address and port, differentiated by their hostnames.

  • Path-Based Routing: Routes traffic to different services based on the URL path.

  • Configuration Management: Defines routing rules and other configuration options through the Kubernetes API, making it easy to manage and update.

How Does Ingress Work?

  • Ingress Resource: A Kubernetes object that specifies the desired routing rules, including hostnames, paths, and the services to be exposed.

  • Ingress Controller: A software component that watches for changes to Ingress resources and implements the defined rules. It typically uses a load balancer or other network devices to route traffic.

  • Traffic Routing: When a client sends a request to the Ingress, the controller examines the request's hostname and path to determine the appropriate service. It then forwards the request to the service using the specified load balancing algorithm.

Common Ingress Controllers

  • Nginx Ingress Controller: A popular choice based on the Nginx web server.

  • Traefik: A versatile controller with support for multiple backends and plugins.

Use Cases for Ingress

  • Exposing Services to the Internet: Make your applications accessible from outside the cluster.

  • Implementing Load Balancing: Distribute traffic across multiple instances of a service.

  • Securing Traffic with SSL: Encrypt and decrypt data to protect sensitive information.

  • Managing Multiple Services on a Single IP: Host multiple applications on the same IP address and port.

  • Enforcing Access Controls: Restrict access to specific services based on hostnames or paths.

A minimal Ingress resource example:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: minimal-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  ingressClassName: nginx-example
  rules:
  - http:
      paths:
      - path: /testpath
        pathType: Prefix
        backend:
          service:
            name: test
            port:
              number: 80

To learn more, please visit the official documentation - https://kubernetes.io/docs/concepts/services-networking/ingress/

0
Subscribe to my newsletter

Read articles from Amal Kuriakose directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Kubernetescontainer orchestration

Written by

Amal Kuriakose
Amal Kuriakose