Managing the flow of traffic into your application can be handled via direct access to the application's Kubernetes Service, however more Layer 7 (i.e. HTTP/HTTPS) control can be added by incorporating an ingress controller. At a minimum, ingress controllers will allow you to managed routes to different applications, components or version. However, ingress controllers can bring a lot of other features, including TLS offload.
Make sure the following are complete before setting up ingress.
- Cluster is provisioned and accessible via 'kubectl'
- (Optional) App Deployment is complete
- Alternatively you could deploy your own test application to try out ingress
- All ingress for the application must come through one public IP
- If the cluster is set up with egress lockdown, ingress must also flow through the firewall
- An analysis of ingress controller options has led you to use Ingress-Nginx
- The ingress controller must live in it's own Kubernetes namespace
- TLS is NOT required for this initial test, but may be added if time permits
- The application should be accessible at http:///reddog
- Deploy the ingress controller
- Create and test the ingress route
- (Optional) Enable TLS on the ingress
Useful links: