Ingress
This guide covers setting up ingress on a kind cluster.
Setting Up An Ingress Controller
We can leverage KIND’s extraPortMapping
config option when creating a cluster to forward ports from the host to an ingress controller running on a node.
We can also setup a custom node label by using node-labels
in the kubeadm InitConfiguration
, to be used by the ingress controller nodeSelector
.
- Create a cluster
- Deploy an Ingress controller, the following ingress controllers are known to work:
Create Cluster
Create a kind cluster with extraPortMappings
and node-labels
.
- extraPortMappings allow the local host to make requests to the Ingress controller over ports 80/443
- node-labels only allow the ingress controller to run on a specific node(s) matching the label selector
cat <<EOF | kind create cluster —config=- kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 nodes: - role: control-plane kubeadmConfigPatches: - | kind: InitConfiguration nodeRegistration: kubeletExtraArgs: node-labels: “ingress-ready=true” extraPortMappings: - containerPort: 80 hostPort: 80 protocol: TCP - containerPort: 443 hostPort: 443 protocol: TCP EOF
### Ambassador Ambassador will be installed with the help of the Ambassador operator. First install the CRDs with kubectl apply -f https://github.com/datawire/ambassador-operator/releases/latest/download/ambassador-operator-crds.yaml
cat <<EOF | kind create cluster —config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
kubeadmConfigPatches:
- |
kind: InitConfiguration
nodeRegistration:
kubeletExtraArgs:
node-labels: “ingress-ready=true”
extraPortMappings:
- containerPort: 80
hostPort: 80
protocol: TCP
- containerPort: 443
hostPort: 443
protocol: TCP
EOF
Now install the kind-specific manifest for installing Ambassador with the operator in the
ambassador
namespace:
kubectl apply -n ambassador -f https://github.com/datawire/ambassador-operator/releases/latest/download/ambassador-operator-kind.yaml kubectl wait —timeout=180s -n ambassador —for=condition=deployed ambassadorinstallations/ambassador
Ambassador is now ready for use. You can try the example in Using Ingress at this moment, but Ambassador will not automatically load the
kubectl apply -n ambassador -f https://github.com/datawire/ambassador-operator/releases/latest/download/ambassador-operator-kind.yaml
kubectl wait —timeout=180s -n ambassador —for=condition=deployed ambassadorinstallations/ambassador
Ingress
defined there. Ingress
resources must include the annotation kubernetes.io/ingress.class: ambassador
for being recognized by Ambassador (otherwise they are just ignored). So once the example has been loaded you can add this annotation with:
kubectl annotate ingress example-ingress kubernetes.io/ingress.class=ambassador
Ambassador should be exposing your Ingress now. Please find additional documentation on Ambassador here. ### Contour Deploy Contour components. kubectl apply -f https://projectcontour.io/quickstart/contour.yaml
kubectl annotate ingress example-ingress kubernetes.io/ingress.class=ambassador
Apply kind specific patches to forward the hostPorts to the ingress controller, set taint tolerations and schedule it to the custom labelled node.
kubectl apply -f https://projectcontour.io/quickstart/contour.yaml
{
"spec": {
"template": {
"spec": {
"nodeSelector": {
"ingress-ready": "true"
},
"tolerations": [
{
"key": "node-role.kubernetes.io/master",
"operator": "Equal",
"effect": "NoSchedule"
}
]
}
}
}
}
Apply it by running:
kubectl patch daemonsets -n projectcontour envoy -p ‘{“spec”:{“template”:{“spec”:{“nodeSelector”:{“ingress-ready”:”true”},”tolerations”:[{“key”:”node-role.kubernetes.io/master”,”operator”:”Equal”,”effect”:”NoSchedule”}]}}}}’
Now the Contour is all setup to be used. Refer to Using Ingress for a basic example usage. Additional information about Contour can be found at: projectcontour.io ### Ingress NGINX kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/kind/deploy.yaml
kubectl patch daemonsets -n projectcontour envoy -p ‘{“spec”:{“template”:{“spec”:{“nodeSelector”:{“ingress-ready”:”true”},”tolerations”:[{“key”:”node-role.kubernetes.io/master”,”operator”:”Equal”,”effect”:”NoSchedule”}]}}}}’
The manifests contains kind specific patches to forward the hostPorts to the ingress controller, set taint tolerations and schedule it to the custom labelled node. Now the Ingress is all setup. Wait until is ready to process requests running: kubectl wait —namespace ingress-nginx \ —for=condition=ready pod \ —selector=app.kubernetes.io/component=controller \ —timeout=90s
Refer Using Ingress for a basic example usage. ## Using Ingress The following example creates simple http-echo services and an Ingress object to route to these services.
kubectl wait —namespace ingress-nginx \
—for=condition=ready pod \
—selector=app.kubernetes.io/component=controller \
—timeout=90s
kind: Pod
apiVersion: v1
metadata:
name: foo-app
labels:
app: foo
spec:
containers:
- name: foo-app
image: hashicorp/http-echo:0.2.3
args:
- "-text=foo"
---
kind: Service
apiVersion: v1
metadata:
name: foo-service
spec:
selector:
app: foo
ports:
# Default port used by the image
- port: 5678
---
kind: Pod
apiVersion: v1
metadata:
name: bar-app
labels:
app: bar
spec:
containers:
- name: bar-app
image: hashicorp/http-echo:0.2.3
args:
- "-text=bar"
---
kind: Service
apiVersion: v1
metadata:
name: bar-service
spec:
selector:
app: bar
ports:
# Default port used by the image
- port: 5678
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: example-ingress
spec:
rules:
- http:
paths:
- path: /foo
backend:
serviceName: foo-service
servicePort: 5678
- path: /bar
backend:
serviceName: bar-service
servicePort: 5678
---
Apply the contents
kubectl apply -f https://kind.sigs.k8s.io/examples/ingress/usage.yaml
Now verify that the ingress works # should output “foo” curl localhost/foo # should output “bar” curl localhost/bar
kubectl apply -f https://kind.sigs.k8s.io/examples/ingress/usage.yaml
# should output “foo”
curl localhost/foo
# should output “bar”
curl localhost/bar