0 – preface
Recently, in the process of researching the Ingress Controller, I found that it is easy to confuse the understanding of Ingress and Ingress Controller. Write it down while it’s hot and give it to your future self.
1-Ingress
Kubernetes Ingress is an API object that provides routing rules to manage external users’ access to the services in a Kubernetes cluster.
Ingress is to define the routing rules: external to the cluster, internal to the cluster HTTP and HTTPS routing rules.
The following is an external request that is forwarded to the Service through the Ingress routing rule, and then the Service distributes the request to different Pods according to the Selector tag:
Example Ingress YAML file:
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: nginx-ingress namespace: conn-dev annotations: nginx.ingress.kubernetes.io/rewrite-target: / spec: rules: - host: dev.xxx.com http: paths: - path: PathType: Prefix Backend: service: name: nginx port: pathType: Prefix Backend: service: name: nginx port: pathType: Prefix Backend: service: name: nginx port: number: 80Copy the code
Example Nginx deploy&Service YAML file:
apiVersion: apps/v1 kind: Deployment metadata: annotations: deployment.kubernetes.io/revision: "1" labels: app: nginx name: nginx namespace: conn-dev spec: replicas: 1 selector: matchLabels: app: nginx strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: app: nginx spec: containers: - image: nginx imagePullPolicy: Always name: nginx resources: {} dnsPolicy: ClusterFirst restartPolicy: Always --- apiVersion: v1 kind: Service metadata: name: nginx namespace: conn-dev spec: selector: app: Ports: -protocol: TCP Port: 80 targetPort: 80Copy the code
Note:
- The spec.selector in service should be the same as the Metadata. labels in deploy, because SVCS use labels to locate their pods
- Ingress. Spec. Rules. HTTP. Paths. There are three kinds of pathType types: Exact, Prefix, Implementation, see here
2-Ingress Controller
If Kubernetes Ingress is the API object that provides routing rules to manage external access to services, Ingress Controller is the actual implementation of the Ingress API. The Ingress Controller is usually a load balancer for routing external traffic to your Kubernetes cluster and is responsible for L4-L7 Network Services.
Personal understanding:
- On the one hand: The Ingress Controller is an application that controls and manages ingress resources. When an ingress is deployed in a cluster (under any namespce), the Ingress Controller will capture the ingress resources. Then configure the configuration to the corresponding internal components according to certain rules. The common internal component is Nginx.
- On the other hand, from the perspective of NGINx, the Ingress Controller is also a reverse proxy. External requests obtain the ingress resources in the cluster (configured by kind:ingress) through the Ingress Controller. According to its URL rules, To a different service (analogy to nginx and nginx.conf)
3 – Ingress Controller deployment
See Ingress Controller Deployment
I-References
- What is Kubernetes Ingress?
- Ingress