Skip to Content
Service DiscoveryIngress ManagementAdvanced usage of Ingress

Advanced Usage of Ingress

Multiple Ingress Controller SVC

If you have only one ingress controller running and want to provide services through multiple ULBs (such as binding SSL certificates in ULB), you can refer to this yaml file.

apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx2
  namespace: ingress-nginx
  labels:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
spec:
  type: LoadBalancer
  ports:
    - name: http
      port: 80
      targetPort: 80
      protocol: TCP
    - name: https
      port: 443
      targetPort: 443
      protocol: TCP
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx

Here I create a new svc, named ingress-nginx2, that exposes the ingress controller out of the cluster. At this point, this nginx ingress controller has 2 svcs, corresponding to 2 ULBs.

[root@10-10-10-194 ~]# kubectl get svc -n ingress-nginx
NAME             TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)                      AGE
ingress-nginx    LoadBalancer   172.17.23.246   xx.xx.xx.xx     80:32677/TCP,443:39787/TCP   10d
ingress-nginx2   LoadBalancer   172.17.7.114    yy.yy.yy.yy     80:47962/TCP,443:45958/TCP   29m

Users can parse to add n1 xx.xx.xx.xx and n2 yy.yy.yy.yy to distinguish the traffic entrance. This operation process will use the same set of ingress controllers, multiple SVC usage scenarios, the logic is as shown below.

ULB1            ULB2
 |               |
ing_svc1       ing_svc2
 |               |
 -----------------
         |
 ingress controller
         |
 -----------------      
 |               |
app_svc1       app_svc2
 |               |
app_pod1       app_pod2

Multiple Ingress Controllers

If you have multiple ingress controllers running in your kubernetes cluster (e.g., running nginx and traefik at the same time), you need to declare it when using the ingress resource object, for example:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: traefik-web-ui
  namespace: kube-system
  annotations:
    kubernetes.io/ingress.class: traefik
    # Declare to use traefik as the specified ingress controller
    # It can also be replaced with installed ingress controller such as nginx
spec:
  rules:
  - host: traefik-ui.minikube
    http:
      paths:
      - path: /
        backend:
          serviceName: traefik-web-ui
          servicePort: web

If you deploy different types of ingress controllers (such as nginx and traefik) without specifying annotation type, it will lead to both or all of the ingress controllers trying to meet the requirements of the ingress, and all ingress controllers scrambling to update the status of the ingress.

Deployment through DaemonSet

Ingress-controller can be deployed through Deployment or DaemonSet, each with its own pros and cons:

  • When using Deployment, scalability can be better, because when using DaemonSet you will have a single Pod model for each node, while when using Deployment, you may need fewer Pods depending on the environment.

  • When a node joins the cluster, DaemonSet will automatically expand to new nodes, while Deployment will only be scheduled on new nodes when needed.

  • DaemonSet ensures that only one node has and only has one replica. If the number of replicas is less than or greater than the number of cluster nodes, it is recommended to set it up through Deployment.

Nginx IngressCloudProvider Plugin Upgrade