Ingress
The previous section describes how to create a LoadBalancer Service that uses a load balancer to access pods.
Services forward requests using TCP and UDP at Layer 4. Ingresses can forward requests using HTTP and HTTPS at Layer 7. Domain names and paths can be used for finer granularities.
In CCI, external access is implemented by binding the load balancer's IP address and port number to an ingress, as shown in Figure 2.
Load Balancers
Ingresses can be bound to load balancers. You can create a load balancer by using the API or the ELB console.
Load balancers can be divided into private network load balancers and public network load balancers based on IP addresses. The difference is that a public network load balancer has a public IP address bound.
Creating an Ingress
- Creating an HTTP ingress
In the following example, the associated backend is nginx:8080. When http://10.10.10.10:6071/ is accessed, the traffic is forwarded to the Service corresponding to nginx:8080, and then to the corresponding pod.
apiVersion: extensions/v1beta1 # Ingress version kind: Ingress metadata: name: nginx labels: app: nginx isExternal: "true" # This parameter is mandatory and must be set to true. zone: data # Data plane mode. This parameter is mandatory and must be set to data. annotations: kubernetes.io/elb.id: 2d48d034-6046-48db-8bb2-53c67e8148b5 # ID of the load balancer. This parameter is mandatory. kubernetes.io/elb.ip: 192.168.137.182 # IP address of the load balancer. This parameter is optional. kubernetes.io/elb.port: '6071' # Port configured for the load balancer. This parameter is mandatory. spec: rules: # Routing rules - http: # Using HTTP protocol paths: - path: / # Route backend: serviceName: nginx # Name of the Service to which requests are forwarded servicePort: 8080 # Port of the Service to which requests are forwardedYou can also set the external domain name in an ingress so that you can access the load balancer through the domain name and then access backend Services.
Domain name-based access depends on domain name resolution. You need to point the domain name to the IP address of the load balancer. For example, you can use Domain Name Service (DNS) to resolve domain names.
spec: rules: - host: www.example.com # Domain name http: paths: - path: / backend: serviceName: nginx servicePort: 80
- Creating an HTTPS ingress
In the following example, the associated backend is nginx:8080. When https://10.10.10.10:6071/ is accessed, the traffic is forwarded to the Service corresponding to nginx:8080, and then to the corresponding pod.
apiVersion: extensions/v1beta1 kind: Ingress metadata: annotations: kubernetes.io/elb.id: 2d48d034-6046-48db-8bb2-53c67e8148b5 kubernetes.io/elb.ip: 192.168.137.182 kubernetes.io/elb.port: '6071' labels: app: nginx isExternal: 'true' zone: data name: nginx spec: rules: - http: paths: - backend: serviceName: nginx servicePort: 8080 path: / tls: - secretName: cci-sslcertificate-20214221 # Name of the uploaded SSL certificate
Accessing Multiple Services
An ingress can access multiple Services at the same time. The configuration is as follows:
- When accessing http://foo.bar.com/foo, you access the backend s1:80.
- When accessing http://foo.bar.com/bar, you access the backend s2:80.
spec:
rules:
- host: foo.bar.com # Host address
http:
paths:
- path: "/foo"
backend:
serviceName: s1
servicePort: 80
- path: "/bar"
backend:
serviceName: s2
servicePort: 80
Configuring the Routing Service for URL Redirection
cat <<-EOF | kubectl apply -f -
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: ingress-redirect-test
namespace: default
spec:
rules:
- host: ingress-test.com
http:
paths:
- path: /
backend:
serviceName: service-test
servicePort: 80
EOF
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
