[k8s] ingress controller

[k8s] ingress controller ====== ###### tags: `kubernetes` `ingress` :::info + evaluate all rules + manages redirections + entrypoint to cluster + many third-party implementations > In order for the Ingress resource to work, the cluster must have an ingress controller running. > > + [color=pink] Controller 就只是個管理眾多 ==Ingress resource 的集大成==而已，真正做事情還是要依靠 ***Ingress resource*** 去做 Service 的串接 > > + [color=skyblue] 目前支援的有GCP HTTP(s) Load Balancer (GCE)、nginx、Contour、haproxy、traefik、istio ::: ![](https://i.imgur.com/BYv4v1P.png) ![](https://i.imgur.com/fVJhfNc.png) ![](https://i.imgur.com/CnqE1cd.png) # architecture ![](https://i.imgur.com/Gjv3eHh.png =400x) + ==Ingress-Server== 普遍上來說，就是一個能夠接受 HTTP/HTTPS 連線的網路伺服器 + ==Ingress-Controller== 是一種轉換者，能夠將 Ingress Resource 的設定轉換成 Ingress-Server (Nginx) 所能夠處理的格式 1. 使用者透過 yaml `部署 ingress` 設定到 kubernetes 裡面 2. Ingress-Controller 偵測到 `Ingress Resource` 的更動，讀取該設定後產生對應的 Nginx.conf 供 Ingress-Server 使用 3. 外部使用者嘗試存取服務，該封包會先到達 Ingress-Server(Nginx) 4. Ingrss-Server(Nginx) 根據 nginx.conf 的設定決定將該封包轉發到後段的服務器 `backend server`. ![](https://i.imgur.com/mI945Wy.png =400x) ![](https://i.imgur.com/STJooW2.png =500x) ![](https://i.imgur.com/pAjdcCk.png =400x) ![](https://i.imgur.com/rgqvxEJ.png =500x) # how to install ### use helm ```shell= helm install stable/nginx-ingress \ --name nginx-ingress \ --set rbac.create=true \ --namespace=kube-system ``` # resource + [Kubernetes 那些事 — Ingress 篇（二）](https://medium.com/andy-blog/kubernetes-%E9%82%A3%E4%BA%9B%E4%BA%8B-ingress-%E7%AF%87-%E4%BA%8C-559c7a41404b)