AKS Ingress
Adding an Ingress for DuploCloud Azure Load Balancers
Last updated
Adding an Ingress for DuploCloud Azure Load Balancers
Last updated
© DuploCloud, Inc. All rights reserved. DuploCloud trademarks used herein are registered trademarks of DuploCloud and affiliates
Ingress controllers abstract the complexity of routed Kubernetes application traffic, providing a bridge between Kubernetes services and services that you define.
To add an SSL certificate to a service using Kubernetes Ingress, see the DuploCloud documentation for using SSL certificates with Ingress.
To run the Load Balancers, you must create one or more Services. To add a service, follow the steps in the Services topic. In this example, we created two Services named s1-alb and s4-nlb.
Before you add an Ingress rule, you need to enable the Ingress Controller for the application gateway.
In the DuploCloud Portal, navigate to Administrator -> Infrastructure.
Select the Infrastructure from the NAME column.
Select the Settings tab, and click Add. The Infra-Set Custom Data pane displays.
In the Setting Name list box, select Enable App Gateway Ingress Controller. Enable the setting and click Set. The Enable App Gateway Ingress Controller setting value is true.
In the DuploCloud Portal, navigate Kubernetes -> Services.
Select the Service from the NAME column.
Click the Load Balancers tab.
Click Configure Load Balancer. The Add Load Balancer Listener pane appears.
In the Select Type field, select K8S Node Port.
In the Health Check field, add the Kubernetes Health Check URL for this container.
Complete the other fields in the Add Load Balancer Listener and click Add.
Using Kubernetes Health Check allows AKS's Application Load Balancer to determine whether your Service is running properly.
In the DuploCloud Portal, navigate to Kubernetes -> Ingress.
Click Add. The Add Kubernetes Ingress page displays.
Supply the Ingress Name, select the Ingress Controller (in this example, azure-application-gateway), and set Visibility to Public.
In the DNS Prefix field, provide the DNS prefix to expose services.
From the Certificate ARN list box, select the certificate ARN to expose services over HTTPS.
Optionally, in the Port Override field, select a port to override. This field allows configuring frontend listeners to use ports other than 80/443 for HTTP/HTTPS. If you use a port other than 80, you must define an additional Security Group rule for that port. See this section for more information.
On the Add Kubernetes Ingress page, click Add Rule. The Add Ingress Rule pane displays.
Enter a Path.
In the Path Type list box, select Exact, Prefix, or Implementation Specific.
In the Service Name field, select the Service (s1-alb:80 in this example).
Click Add Rule to add the Ingress rule.
Repeat steps 1-5 to add additional rules. In this example, we added a second rule for Service s4-nlb:80.
On the Add Kubernetes Ingress page, click Add to create the Ingress.
The DuploCloud Platform supports defining multiple rules/paths in Ingress.
Port 80 is configured by default when adding Ingress. If you want to use a custom port number, add a security group rule for the custom port.
In the DuploCloud Portal, navigate to Administrator -> Infrastructure.
Select the Infrastructure from the NAME column.
Select the Security Group Rules tab.
Click Add. The Add Infrastructure Security pane displays.
Define the rule and click Add. The rule is added to the Security Group Rules list.
When Ingress is configured, view details by navigating to Kubernetes -> Ingress, and selecting your Ingress from the NAME column.
curl
CommandsYou can also view Ingress details using curl
commands. Curl commands are configured with the DNS names and paths (as defined in your Ingress rules) in the format: curl http://<dns1>/<path1>
. The responses from these requests will show how traffic is being routed according to the Ingress configuration. For example, see the following three commands and responses:
Command: curl http://ig-nev-ingress-ing-t2-1.duplopoc.net/path1/
Response: this is IG-NEV
Command: curl http://ing-doc-ingress-ing-t2-1.duplopoc.net/path2/
Response: this is ING-DOC
Command: curl http://ing-public-ingress-ing-t2.1.duplopoc.net/path3/
Response: this is ING2-PUBLIC