Skip to content

Ingress Controller

An Ingress Controller is a component within a Kubernetes cluster that acts as a sophisticated entry point for external traffic, functioning as a Layer 7 (HTTP/HTTPS) LoadBalancer^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md]. It serves to unify external access, typically managing standardized ports such as HTTP 80 and HTTPS 443, thereby resolving the management complexity associated with exposing numerous individual services via different ports^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md].

Core Functionality

The primary role of an Ingress Controller is to route incoming traffic to specific [[Services]] based on defined rules^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md]. This routing logic operates as a "fanout" mechanism, allowing a single IP address to distribute traffic to multiple backend services^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md].

Key capabilities include:

  • Request Routing: Directing traffic based on Hostname (Virtual Hosting) or Pathname^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md].
  • Load Balancing: Distributing traffic load using algorithms and backend weight schemes^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md].
  • SSL Termination: Handling HTTPS Decryption, so that internal communication between the controller and Services/Pods can occur over unencrypted HTTP^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md].

Architecture and Implementation

To function, an Ingress Controller requires specific Kubernetes resources:

  • Ingress Resource: This configuration object defines the routing rules (e.g., host, path) and the destination Services^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md].
  • IngressClass: A mechanism within the resource specification (e.g., ingressClassName: nginx) that determines which specific controller implementation should process the rules^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md].

A common implementation is the NGINX Ingress Controller, which is typically deployed within a dedicated namespace (e.g., ingress-nginx)^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md].

Usage Patterns

Ingress Controllers support various traffic management strategies:

  • Default Backend: A catch-all service that handles requests which do not match any specific routing rules^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md].
  • Name-based Virtual Hosting: Routing requests to different services based on the Host header (e.g., routing foo.com to Service A and bar.com to Service B)^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md].

Sources

^[400-devops-06-kubernetes-k8s-ithelp-day9-readme.md]