Ingress¶

Ingress is an API object that manages external access to services in a cluster, typically through HTTP/HTTPS. Unlike Service objects, which operate at Layer 4 (TCP/UDP), Ingress operates at Layer 7 (Application Layer), allowing for routing based on URL paths and hostnames.^[Kubernetes_yaml文件.md]

Core Concept¶

Ingress functions as a "Service of Services," acting as a global load balancer or reverse proxy (such as Nginx) that routes external traffic to different internal Services based on defined rules.^[Kubernetes_yaml文件.md] This eliminates the need to configure a separate load balancer for every Service, which can be costly and inefficient.^[Kubernetes_yaml文件.md]

Ingress Controller¶

The Ingress resource itself is merely a configuration description; it requires an Ingress Controller to enforce the rules.^[Kubernetes_yaml文件.md] The Ingress Controller is essentially a reverse proxy service running in the cluster (often Nginx, Traefik, etc.) that reads Ingress rules and configures its underlying software accordingly.^[Kubernetes_yaml文件.md]

Users can select an Ingress Controller implementation based on specific requirements.^[Kubernetes_yaml文件.md] For example, applications sensitive to proxy interruptions might use a controller like Traefik, which supports "hot loading" of configurations.^[Kubernetes_yaml文件.md]

Comparison with Service¶

• Layer 7 vs Layer 4: Ingress works at Layer 7 (Application), handling HTTP/HTTPS traffic, whereas Services work at Layer 4 (Transport) handling TCP/UDP.^[Kubernetes_yaml文件.md]
• Functionality: Ingress is capable of traffic routing based on content (e.g., URL paths), whereas Services route based only on IP and Port.^[Kubernetes_yaml文件.md]
• Configuration: Ingress allows for HTTP-specific configurations like TLS termination, which Services cannot handle.^[Kubernetes_yaml文件.md]

Related Concepts¶

• [[Service]]
• [[LoadBalancer]]

Sources¶

^[Kubernetes_yaml文件.md]