[TBD]Understanding kubernetes ingress resource

Introduction

Laymen explanation

If you have used K8s for running apps, you must know that two apps in k8s can talk each other by default (via k8s CNI networking). However, what if you want to access an app from your laptop browser? It will not work by default since IP address provided to the app is not accessible from outside the k8s cluster. But, accessing it from outside k8s cluster is a genuine ask. Think that you want to deploy the e-commerce website in k8s infra. Then any customer must be able to access webpage, login, cart etc from the browser. These apps will be running in the k8s cluster and hence we need an approach to solve this problem. This document helps in this regard.

Technical explanation

Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Other approaches are NodePort and load balancer types service.

A case study of internet traffic

Types of traffic based on security

• Insecure

• Secure

Insecure traffic property

• Route all traffic for a host

• Route traffic for a host with given path

• Route any host traffic with given path

Secure traffic property

• Edge termination - In this case, SSL will terminate in the ingress device.

  • Ingress device to backend can be insecure or secure. User can mention it if it wants to make backend connection secure.

    • So, it can enable re-encryption of traffic when forwarding to backend service

  • If user uses http instead of https, then admin can provide following options

    • Redirect to the https

    • Disallow the http

    • Allow the http

• Passthrough

Recent changes

• A new pathType field that can specify how Ingress paths should be matched.

• A new IngressClass resource that can specify how Ingresses should be implemented by controllers.

• Support for wildcards in hostnames.

Refer: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/

Reference

https://kubernetes.io/docs/concepts/services-networking/ingress/