Open In App

What Is Kubernetes Ingress ?

Last Updated : 06 May, 2024
Improve
Improve
Like Article
Like
Save
Share
Report

Ingress is a Kubernetes API object that is used to expose HTTP and HTTPS routes from outside the cluster to services inside the cluster. It provides a single entry point into a cluster hence making it simpler to manage applications and troubleshoot routing issues. In this article, we will discuss what Kubernetes Ingress is. what is an Ingress controller and How does it resolve the routing problem issue? we will guide you on step-by-step implementation of Kubernetes Ingress.

Table of Content

What Is Ingress?

Ingress is a Kubernetes API object that is used to expose HTTP and HTTPS routes from outside the Kubernetes cluster to services inside the cluster. It provides a single entry point into a cluster hence making it simpler to manage applications and troubleshoot routing issues.

The official definition of Ingress says “Ingress is an API object that manages external access to the services in a Cluster“. The role of Ingress is instead of Service, the request goes first to Ingress and it does the forwarding then to the Service.

Architecture of Kubernetes Ingress

Kubernetes Ingress acts like a traffic controller for managing the income traffic to the Kubernetes cluster. It manages the external access to the services within the kubernetes. The following are its internal concepts and terminologies:

  • Routing: Kubernetes Ingress defines the rules in the Routing table for external HTTP and HTTPS traffic to the inside kubernetes cluster services based on the hostname and paths.
  • Load Balacing: Load Balancing facilitates in distributing the income traffic to multiple backend servers providing scalability and reliability to the cluster.
  • TLS Termination: Ingress handles the TLS/SSL termination for providing a secured communication between the clients and services.
  • Path-Based Routing: In Routing Table we can define the rules based on the URL paths also. With this the traffic will be distributed to backend servers based on the paths accordingly.
  • Virtual Hosts: Ingress facilitates virtual hosting i.e., hosting multiple domains on the same cluster and directs the traffic to different services based on the domain name.

Kubernetes-Ingress-Architecture

Kubernetes Ingress Resources

In Kubernetes, an Ingress is an API object that manages the external access to the services within the kubernetes cluster. It acts an abstraction layer for routing traffic from outside the cluster to services inside the cluster. The following are its main concepts and terminologies:

  • Routing Rules: Ingress facilitates you to define the rules for routing HTTP and HTTPS traffic based on the hostnmes or paths to different services in your cluster.
  • Load Balancing: It provides the load balancing capabilities, distributing the incoming traffic across multiple pods or services.
  • TLS Termination: Ingress can also able to handle the SSL/TLS termination by allowing you to encrypt the traffic from outside the cluster to your services.
  • Reverse Proxy: It functions as a Reverse proxy, forwarding the requests from the clients to appropriate services based on the defined rules.

Kubernetes Ingress Class

Kubernetes Ingress Class is like a routing rulebook in which the rules are defined to manage the incoming traffic. It is manages the direct external access to the services in the kubernetes cluster by acting as a traffic controller.

When we define the different ingress classes based on our needs like one class is defined for regular web traffic and another for internal services. Each Ingress Class has its own set of rules for handling the incoming traffic requests.

For Instance, on Ingress class might route all the requests with /api to your backend API service and another that sends requests for “/” to your frontend webapp.

Types of Ingress

Ingress refers to an unthorized entry or access into your system, network or physical spaces that presents the security risks and potential harm. The following are the types of ingress, each presents its own risks and challenges:

  • Physical Ingress: It involves gaining the physical access to a system or network bypassing the physical security measures such as locked doors, security guards. It also involves stealing of devices like laptops or USB drivers.
  • Network Ingress: Network ingress occurs when the attackers gains the access of a network through vulnerabilities in the infrastructure such as unsecured wifi networks, open ports or weak passwords. This leads to unathorized security access to sensitive data.
  • Software Ingress: It involves in exploiting the vulnerabilities in software applications or operating systems to aunthorized access to a system or network. This can include exploiting the bugs, malware or with techniques like phishing to trick users to reveal sensitive information.

Updating An Ingress

Updating the Ingress involves in modifying the configuration file of the Routing Table. Routing rules of how external traffic is routed to services within the kubernetes cluster as to be modified. The following are steps for updating an Ingress to define rules for HTTP and HTTPS traffic to different services based on criteria like hostname and paths.

Step 1: Modify the YAML Configuration

  • Here, we can modify the yaml configuration file that defines the ingress resources using `kubectl edit` or by directly modifying the YAML file.

Step 2: Apply Changes

  • After once the changes are made in the configuration file, you can apply the changes using the following command in the kubernetes cluster
kubectl apply -f ingress.yml

Step 3: Verfiication

  • Once we applied the changes, we should verify whether the ingress is updated correctly or not using the following command:
kubectl get ingress

( or )

  • We can also verify it by checking the status in our kubernetes dashboard.

Step 4: Testing

  • It is important to test the updated configuration of ingress to ensure the traffic is routed as per expected or not. we can perform this by sending the requests to the associated services and verifying its responses.

Step 5: Rollback ( if necessary )

  • If the update leads to any issues or anying unexpected behaviour, we can rollback it to the previous configuration by reapplying the older YAML file.

Example Of An Ingress Configuration File

In this configuration file of Ingress, specification is where the whole configuration happens, we have rules or routing rules attribute which defines that all the requests to “shubham.com” must be forwarded to the internal service “myapp-internal-service”.

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: myapp-ingress
spec:
  rules:
    - host: shubham.com
      http:
        paths:
          - backend:
              serviceName: myapp-internal-service
              servicePort: 8080

What is Ingress Controller?

An Ingress Controller is a Kubernetes Component that is responsible for evaluation and processing of Ingress routes. An Ingress Controller acts as a Reverse Proxy and Load Balancer. An example of an Ingress Controller is Kubernetes Nginx Ingress Controller which is an Ingress Controller by Kubernetes.

In order to make the ingress routing rules to work, we need an implementation for Ingress and that implementation is called Ingress Controller. Therefore, before configuring Ingress to a Cluster, we would first have to install an Ingress Controller which is basically another Pod or set of Pods that run on your Node in your Kubernetes Cluster and is responsible for evaluation and processing of Ingress routes. The function of ingress controller is to evaluate all the rules that you have defined in your Cluster and manage all the redirections.

Kubernetes Ingress Controllers List

Kubernetes controller is essential for managing the inbound traffic to the kubernetes cluster. The following are the some of the widely used kubernetes Ingress Controllers:

  • Nginx Ingress Controller: It is the one of the popular option for kubernetes. It configures the NGINX to route traffic to kubernetes services.
  • Traefik: It is a modern HTTP reverse proxy and load balancer that is made for microservices. It’s known for its simplicity and dynamic configuration.
  • HAProxy Ingress: It utilizes the HAProxy as its uderlying proxy for handling incoming traffic. It is highly configurable and suitable for complex routing requirements.
  • Contour: It is build on top of Envoy proxy. It is designed to work seamlessly with kubernetes offering features like HTTP/2 and TLS Termination.
  • Istio: Istio is a primarly a mesh service and can also functions as ingress controller offering effective traffic management capabilities, security features and observability.

How to Create An Ingress In Kubernetes? A Step-By-Step Guide

Follow this tutorial step by step in order to create and work with Ingress configuration files in Minikube. Minikube is a one-node Kubernetes cluster where master processes and work processes both run on one node.

Step 1: You can skip this step if you already have a Kubernetes Cluster running in your machine. But in case you don’t have a Cluster running enter the following command to create Kubernetes locally using minikube:

minikube start

Starting the Minikube

  • If you are logged in as a root user you might get an Error message:
Exiting due to DRV_AS_ROOT: The "docker" driver should not be used with root privileges.
  • This is because the default driver in the Docker driver and it should not be used with root privileges. For fixing this we should log in as a different user that the root user.
  • Enter the following command to add a new user:
adduser [USERNAME]
  • Now enter the following command to login as a new user
su - [USERNAME]
  • And after this the command ‘minikube start‘ should work fine.

Step 2: Let us now install ingress controller in Minikube and the way to do that is by executing minikube add-ons command. Enter the following command in your ternimal:

minikube addons enable ingress
  • you will get a similar result as shown in following Screenshot:

Adding Ingress addon to Minikube

  • What this does is it automatically configures or automatically starts the Kubernetes nginx implementation of ingress controller.
  • It is one of the many third-party implementations which you can also safely use in production environments.

Step 3: Now we will create an ingress rule that the controller can evaluate. This is quite a complicated process.

  • Firstly, we already have internal service for kubernetes-dashboard and a Pod for that. We are configuring an ingress rule for the dashboard.
  • Check the list of namespaces by the following command:
kubectl get ns
  • In case you don’t have it already, you can use this command to get kubernetes-dashboard namespace.
minikube dashboard

Minikube dashboard

Step 4: Now that we have kubernetes-dashboard, we can check all the components inside the kubernetes-dashboard namespace using the following command:

kubectl get all -ns kubernetes-dashboard

Listing all resources in Kubernetes dashboard

  • You can see the internal service called kubernetes-dashboard with a Port = 80 and the pod inside the namespace, note that down since we are going to use this when working on the Ingress rule.

Step 5: Now let’s create the Ingress rule for the namespace kubernetes-dashboard. This means that we will specify the namespace as kubernetes-dashboard.

  • Create a file called dashboard-ingress.yaml and enter the following code inside it.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: dashboard-ingress
  namespace: kubernetes-dashboard
spec: 
  rules:
  - host: dashboard.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: kubernetes-dashboard
            port: 
              number: 80
  • You can see that the serviceName and the Port resembles to what to talked about in the earlier step.

Step 6: Now, let’s apply the Ingress rule, you can do that by entering the following command in your terminal:

kubectl apply -f dashboard-ingress.yaml
  • And the ingress will be created. Now if we checkout the list of Ingress in kubernetes-dashboard namespace by entering the following command
kubectl get ingress -n kubernetes-dashboard

Kubernetes Ingress - CLI mode

  • We can find our dashboard-ingress that we created. Make sure to note down the Address of the Ingress, we will use it in later steps.

Step 7: Now what we will do is we will take that address and in the hosts file, at the end we will define that mapping, we will map IP address to dashboard.com . We can do that by entering the following command:

sudo vim /etc/hosts
  • Then you can type your password and enter this to your hosts file:
[IP_ADDRESS]    dashboard.com
  • the hosts file would look somewhat like this:

Host File

  • What this does is that if you type dashboard.com in the browser, it will be mapped to the IP address we assigned. (192.168.49.2 in this case).
  • This basically means that the request that will come in to our Minikube cluster will be handed over to Ingress controller and the Ingress controller then will evaluate the rule that we defined and forward that request to service.

Step 8: And with this we have finally setup the Ingress rule. We can simply go to dashboard.com in our machine and you will get the kubernetes dashboard there.

  • It will look similar to this. (this is not the entire website screenshot, only for reference).

Kubernetes Dashboard

  • With that the tutorial for Kubernetes Ingress is complete and you learned how to implement Kubernetes Ingress using a configuration file.
  • Let’s now conclude the article and discuss some frequently asked questions about Kubernetes Ingress.

Differences Between Ingress, NodePort And LoadBalancer

Ingress

NodePort

LoadBalancer

Definition

Ingress is a Kubernetes API object that is used to expose HTTP and HTTPS routes from outside the cluster to services inside the cluster.

NodePort is a Service that is accessible on a static Port on each Worker Node in the cluster.

Load Balancer Service type allows the Service to become accessible externally through a Cloud Provider’s Load Balancer functionality.

Use

Ingress provides a single entry point into a cluster hence making it simpler to manage applications and troubleshoot routing issues.

NodePort Service makes the external traffic accessible on static or fixed port on each worker Node

LoadBalancer Service is an extension of NodePort Service. To understand LoadBalancer Service type, you must know about Load Balancing. Load Balancing is the process of dividing a set of tasks over a set of resources in order to make the process fast and efficient.

Configuration

Ingress is configured with the help of rules that define how to route traffic to different services based on hostnames or paths.

NodePort is configured by specifying the NodePort and the target port for the service.

LoadBalancer is als configured same as NodePort.

Range

No specific port range is defined for Ingress.

NodePort range is between 30000-32767

LoadBalancer uses standard HTTP and HTTPS ports

Difference Between Kubernetes Ingress And Nginx Ingress

The following are the differences between Kubernetes Ingress and Nginx Ingress:

Kubernetes Ingress

Nginx Ingress

It is a native kubernetes resource

It is a Kubernetes controller extension

It used for managing the external excess to the services within the kubernetes cluster

It enhances the nginx functionalities and capabilities

It is implemented as a resource in kubernetes

It is implemented as a kubernetes controller extension

It define rules for HTTP and HTTPS routing

It enhances the routing features with nginx capabilities.

It provides the basic load balancing facilities

It enhances the load balancing features with nginx capabilities

Conclusion

Ingress is a Kubernetes API object that is used to expose HTTP and HTTPS routes from outside the cluster to services inside the cluster. It provide a single entry point into a cluster hence making it simpler to manage applications and troubleshoot routing issues. Make sure to follow the tutorial as well as create a new Ingress configuration file and implement it in a Minikube cluster to practice it, that is the best way to understand Kubernetes Ingress.

We hope that this article helped you improve your understanding about Kubernetes Ingress and you learned something valuable out of it.

Kubernetes Ingress – FAQ’s

How To Apply An Ingress Configuration File?

We can apply an Ingress configuration file by using this command

 kubectl apply -f dashboard-ingress.yaml

What Is Kubernetes Ingress?

Kubernetes Ingress is a Kubernetes API object that is used to expose HTTP and HTTPS routes from outside the cluster to services inside the cluster.

What Is The Role Of Kubernetes Ingress?

The role of Ingress is that instead of Service, the request goes first to Ingress and it does the forwarding then to the Service. It provides a single entry point into the cluster.

What Is Ingress Controller?

An Ingress Controller is a Kubernetes Component that is responsible for evaluation and processing of Ingress routes.

Give An Example Of An Ingress Controller?

An example of an Ingress Controller is Kubernetes Nginx Ingress Controller.



Like Article
Suggest improvement
Next
What Is YAML In Kubernetes ?
Share your thoughts in the comments

Similar Reads

Difference Between Kubernetes Ingress And Loadbalancer
Difference Between kubernetes Ingress And Egress
Kubernetes Ingress Controllers: Routing And Load Balancing For Services
Kubernetes - Monolithic Architecture of Kubernetes
Kubernetes - Creating Deployment and Services using Helm in Kubernetes
Why Kubernetes? Benefits of using Kubernetes
Kubernetes Controller VS Kubernetes Operator
How Raspberry Pi and Kubernetes Work Together?
Kubernetes - Kubectl Commands
HELM 101: An Introduction to Package Manager for Kubernetes
author
1shubham7
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox