Ingress

In Kubernetes, Ingress is a resource type similar to Service, that allows you to easily route HTTP and HTTPS traffic entering the cluster through a single entry point to different services inside the cluster. Traffic routing is defined by rules specified on the Ingress resource.

Ingress objects refer to allowing HTTP or HTTPS traffic through to your cluster services. They do not expose other ports or protocols to the wider world. For this, you should use a service type such as LoadBalancer or NodePort. A service is an external interface to a logical set of Pods. Services use a ‘virtual IP address’ local to the cluster. External services could not access these IP addresses without an Ingress.

What is the difference between Ingress and Egress?

In networking, ingress refers to the traffic that comes inside your network, while egress refers to the traffic that goes outside of it:

VM → World (Egress)
World → VM (Ingress)

In K8s it is the same and does the management of network traffic that enters and leaves the K8s cluster.

Apart from the direction of traffic, another difference would be their focus. Ingress focuses on load balancing and SSL termination, while Egress focuses on preventing unauthorized access to external resources.

Ingress Controller

An ingress controller acts as a reverse proxy and load balancer inside the Kubernetes cluster. It provides an entry point for external traffic based on the defined Ingress rules. Without the Ingress Controller, Ingress resources won’t work.

The Ingress Controller doesn’t run automatically with a Kubernetes cluster, so you will need to configure your own. An ingress controller is typically a reverse web proxy server implementation in the cluster.

Ingress Benefits

Exposing multiple services through a single entry point simplifying traffic routing through URIs, paths, headers, or other methods.
SSL/TLS termination – simplify certificate management and reduce overhead on your services.
Authentication and authorization – implement secure access to your services.
Load balancing – even though Ingress and the load balancer service have a lot in common, ingress is internal to the cluster and allows you to route to different services, while the load balancer component is external to the cluster, letting you route traffic to a single service.

Ingress Resource File

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: minimal-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  ingressClassName: nginx-example
  rules:
  - http:
      paths:
      - path: /testpath
        pathType: Prefix
        backend:
          service:
            name: test
            port:
              number: 80

PreviousConfigMap & Secrets NextHelm

Last updated 10 months ago

apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: minimal-ingress annotations: nginx.ingress.kubernetes.io/rewrite-target: / spec: ingressClassName: nginx-example rules: - http: paths: - path: /testpath pathType: Prefix backend: service: name: test port: number: 80