Kubernetes Ingress with NGINX

François Fernandès
Jan 29 · 7 min read
Image for post
Image for post
Photo by Foo Bar on Unsplash

What is an Ingress?

Ingress is a Kubernetes resource type, that can be applied just like other resources. Its purpose is to define routing cluster-external requests to cluster-internal services. An Ingress will map URLs (hostname and path) to cluster-internal services.

Image for post
Image for post
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: digitalfrontiers-sample-ingress
spec:
rules:
- host: sample-service.example.com
http:
paths:
- path: /
backend:
serviceName: frontend-svc
servicePort: 80
- path: /api
backend:
serviceName: backend-svc
servicePort: 8081

Ingress Controller

The Ingress is the definition of how the routing should be done. But the execution of those rules has to be performed by an “Ingress Controller”. Due to this, creating Ingress resources in a Kubernetes cluster won’t have any effect until an Ingress Controller is available.

NGINX Ingress Controller

Further on, we’ll focus on the NGINX Ingress Controller, being an Ingress Controller implementation based on the popular NGINX http-engine. Although there are many different Ingress Controller implementations, the NGINX based implementation seems to be the most commonly used one. It is a general purpose implementation that is compatible with most Kubernetes cluster deployments.

Image for post
Image for post

Deploying the NGINX Ingress Controller

The deployment of the NGINX Ingress Controller is pretty straightforward. It consists of two parts:

  • Provider specific deployment, depending on the actual provider. Here we’ll focus on the generic deployment. (Especially AWS and bare metal clusters require additional configuration, which has been well documented in https://kubernetes.github.io/ingress-nginx/deploy/)

General Process

The deployment is straightforward and uses existing resource definitions that can be applied to the cluster. Even though the resource definitions are created by a trustworthy source (they are part of the github Kubernetes organisation), external resources should always be inspected. This will not only ensure, that no unexpected content will be deployed, but additionally give you a basic understanding of how deployed content is structured.

curl https://<some-url>.yaml                            #1
kubectl apply --dry-run -f https://<some-url>.yaml #2
kubectl apply -f https://<some-url>.yaml #3
  1. Before applying the resource, perform a dry run. This will validate the resource and tell you what will be deployed to the cluster.
  2. Perform the actual deployment

Step-By-Step Deployment

As stated before, the deployment consists of two parts. We start off by deploying the base components required for all Kubernetes cluster types. The deployment can be done using the following command:

kubectl apply-f https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.27.0/deploy/static/mandatory.yaml
namespace/ingress-nginx created
configmap/nginx-configuration created
configmap/tcp-services created
configmap/udp-services created
serviceaccount/nginx-ingress-serviceaccount created
clusterrole.rbac.authorization.k8s.io/nginx-ingress-clusterrole created
role.rbac.authorization.k8s.io/nginx-ingress-role created
rolebinding.rbac.authorization.k8s.io/nginx-ingress-role-nisa-binding created
clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-clusterrole-nisa-binding created
deployment.apps/nginx-ingress-controller created
limitrange/ingress-nginx created
kubectl get pods —-all-namespaces —-watch -l “app.kubernetes.io/name=ingress-nginx”
Image for post
Image for post
watching the ingress controller becoming available
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.27.0/deploy/static/provider/cloud-generic.yaml
kubectl -n ingress-nginx get service
Image for post
Image for post

Conclusion

This is a short introduction to Ingress and the Ingress Controller, giving you a basic understanding of the concept. Once you’ve wrapped your head around the concept, Ingress resources are an efficient way to expose your services.

Digital Frontiers — Das Blog

Dies ist das Blog der Digital Frontiers GmbH & Co.

Thanks to Benedikt Jerat

François Fernandès

Written by

Senior Solution Architect at digitalfrontiers, Member of the Board at PDF Association

Digital Frontiers — Das Blog

Dies ist das Blog der Digital Frontiers GmbH & Co. KG (http://www.digitalfrontiers.de). Hier veröffentlichen wir zu Themen, die uns interessieren und bewegen.

François Fernandès

Written by

Senior Solution Architect at digitalfrontiers, Member of the Board at PDF Association

Digital Frontiers — Das Blog

Dies ist das Blog der Digital Frontiers GmbH & Co. KG (http://www.digitalfrontiers.de). Hier veröffentlichen wir zu Themen, die uns interessieren und bewegen.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store