Let's now add an important element to our cluster, in order to get closer and closer to creating an HA cluster.
What is Ingress?
In Kubernetes, an Ingress is a object that allows access to your Kubernetes services from outside the cluster. The ingress is made up of 2 parts: the kubernetes component that deals with directing external traffic to internal services is called the ingress controller, which obeys the rules present in the ingress resources. So, you configure access by creating a collection of rules, written in a file, that define which inbound connections reach which services. Without the use of the ingress, all the cluster services, to which one wishes to access from the outside, must be exposed to the internet. The advantage of the ingress consists, in fact, in exposing a single access point externally, which will take care of routing the traffic within the cluster.
Ingress installation
Prerequisites
First we added a new node to the cluster, which will take care of routing incoming requests to the appropriate services. This node will receive requests from the internet, so it must have a FIP. So, we created a new VM (Launch and manage instances) with a low-medium flavor, as it should only act as an ingress, and joined it to cluster, using the comand kubeadm join (Building the cluster). We then assigned to the node, through a label, the "role" of ingress with the command
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
# Note that the Pod is present on the "ingress" node and has its own private IP $ kubectl get pod -n nginx-ingress -o wide NAME READY STATUS RESTARTS AGE IP NODE nginx-ingress-68d7b4bfdd-mw479 1/1 Running 0 20h 192.168.100.13 mycentos-ing.novalocal |
Ingress resource
We now present the ingress resource through a complete example, present in the directory downloaded from GitHub (/kubernetes-ingress/examples/complete-example). Let's move inside the complete-example directory and run the commands (we set aside the cafe-secret.yaml file for now)
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
# In the ADDRESS column there is the FIP of the ingress node $ kubectl get ing -n nginx-ingress NAME CLASS HOSTS ADDRESS PORTS AGE cafe-ingress <none> cafe.example.com 131.154.97.164 80, 443 20h |
Let's move to the browser
We prove that everything works by moving to the browser. Since the cafe.example.com site is not registered on a DNS, we have to insert a line in the /etc/hosts file of our local machine (example on Windows the full path is C:\Windows\System32\drivers\etc\hosts)
...
These two web pages, while very simple, assure us that the addressing mechanism works correctly. Of course, if you don't enter any path (/tea or /coffee) after the host, you will get the message "404 Not Found". This happens because we have not associated any service in our ingress resource in the "homepage" of the host (i.e. the "- path: /" is not configured).
Uninstall the Ingress Controller
All the components created in this guide share the nginx-ingress namespace, so if we want to remove everything in one go, just type
...