AKS Ingress

Ingress controllers abstract the complexity of routed Kubernetes application traffic, providing a bridge between Kubernetes services and services that you define.

Prerequisites

Creating Services with AKS

To run the Load Balancers, you must create one or more Services. To add a service, follow the steps in the Services topic. In this example, we created two Services named s1-alb and s4-nlb.

Enabling the Ingress Controller

Before you add an Ingress rule, you need to enable the Ingress Controller for the application gateway.

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure.

2. Select the Infrastructure from the NAME column.

3. Select the Settings tab, and click Add. The Infra-Set Custom Data pane displays.

4. In the Setting Name list box, select Enable App Gateway Ingress Controller. Enable the setting and click Set. The Enable App Gateway Ingress Controller setting value is true.

Adding a Load Balancer Listener using K8S NodePort

1. In the DuploCloud Portal, navigate Kubernetes -> Services.

2. Select the Service from the NAME column.

3. Click the Load Balancers tab.

4. Click Configure Load Balancer. The Add Load Balancer Listener pane appears.
5. In the Select Type field, select K8S Node Port.

6. In the Health Check field, add the Kubernetes Health Check URL for this container.

7. Complete the other fields in the Add Load Balancer Listener and click Add.

Adding Kubernetes Ingress

1. In the DuploCloud Portal, navigate to Kubernetes -> Ingress.

2. Click Add. The Add Kubernetes Ingress page displays.

3. Supply the Ingress Name.

4. Select the Ingress Controller.

5. Set Visibility to Public or Internal Only.
6. Optionally, in the DNS Prefix field, provide the DNS prefix to expose services.

7. Optionally, in the Certificate Name list box, select or enter the name of the TLS/SSL certificate to secure the Ingress traffic.

8. Optionally, in the Port Override field, select a port to override. This field allows configuring frontend listeners to use ports other than 80/443 for HTTP/HTTPS. If you use a port other than 80, you must define an additional Security Group rule for that port. See this section for more information.

9. Optionally, enable HTTP to HTTPS Redirect to automatically redirect all HTTP requests to HTTPS, ensuring secure communication with your services.

10. Follow the steps below to configure Ingress rules.

11. Click Add to create the Ingress.

Configuring Ingress rules

1. On the Add Kubernetes Ingress page, click Add Rule. The Add Ingress Rule pane displays.
2. Enter a Path.

3. In the Path Type list box, select Exact, Prefix, or Implementation Specific.

4. In the Service Name field, select the Service (s1-alb:80 in this example).

5. Click Add Rule to add the Ingress rule.

6. Repeat steps 1-5 to add additional rules.

Adding a Security Group Rule

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure.

2. Select the Infrastructure from the NAME column.

3. Select the Security Group Rules tab.

4. Click Add. The Add Infrastructure Security pane displays.
5. Define the rule and click Add. The rule is added to the Security Group Rules list.

Viewing Ingress

Viewing Ingress details in the DuploCloud Portal

When Ingress is configured, view details by navigating to Kubernetes -> Ingress, and selecting your Ingress from the NAME column.

Viewing Ingress details using curl Commands

You can also view Ingress details using curl commands. Curl commands are configured with the DNS names and paths (as defined in your Ingress rules) in the format: curl http://<dns1>/<path1>. The responses from these requests will show how traffic is being routed according to the Ingress configuration. For example, see the following three commands and responses:

Command: curl http://ig-nev-ingress-ing-t2-1.duplopoc.net/path1/

Response: this is IG-NEV

Command: curl http://ing-doc-ingress-ing-t2-1.duplopoc.net/path2/

Response: this is ING-DOC

Command: curl http://ing-public-ingress-ing-t2.1.duplopoc.net/path3/

Response: this is ING2-PUBLIC