Exposing your application to the public (Ingress)

What is Ingress?

Thanks to Ahmet Alp Balkan for the diagram
  • SSL termination
  • Authentication
  • IP whitelisting
  • Client rate limiting (throttling)
  • Logging and monitoring
  • Response caching
  • Web application firewall
  • GZIP compression
  • Servicing static content
  • In your localhost cluster, you will need just one Pod for ingress that serves traffic of one port of your machine to the cluster (which is the sample below).
  • In your bare metal - multiple nodes cluster: you may want to deploy the Ingress controller as a DaemonSet (will describe it shortly below) in order to make sure that any traffic reaches port 80 of any node will be picked up by the Ingress.
  • In cloud providers: it’s handled differently, cause each cloud provider have the capability to use it’s own external IPs/load balancers and services. Some providers comes with NGINX Ingress controller like Google Kubernetes Engine. And here is how to do it on Azure.




kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/master/deployments/common/ns-and-sa.yamlkubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/master/deployments/common/default-server-secret.yamlkubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/master/deployments/common/nginx-config.yamlkubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/master/deployments/rbac/rbac.yamlkubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/master/deployments/daemon-set/nginx-ingress.yaml
kubectl get pods --namespace=nginx-ingress

Add Ingress rule

apiVersion: extensions/v1beta1
kind: Ingress
name: mysample-ingress
kubernetes.io/ingress.class: "nginx"
- host: localhost
- path: /
serviceName: mysample-service
servicePort: 80

Istio Ingress

