GKE Ingress
Adding an Ingress for DuploCloud Google Cloud Platform Load Balancers
GCP's Ingress Controller for GKE automatically manages traffic routing to Kubernetes services, integrating Kubernetes workloads with Google Cloud's load-balancing infrastructure. It simplifies external access to applications, handling SSL termination and global load distribution.
GCP offers its own Ingress Controller, specifically created for Google Kubernetes Engine (GKE), to seamlessly integrate Kubernetes services with Google Cloud's advanced load balancing features.
Container-native load balancing with GKE Ingress
Container-native load balancing on Google Cloud Platform (GCP) allows Load Balancers to directly target Kubernetes Pods instead of using a node-based proxy. This approach improves performance by enabling more efficient routing, reducing latency by eliminating extra hops, and providing better health-checking capabilities.
It leverages the network endpoint groups (NEGs) feature to ensure that traffic is directed to the appropriate container instances, enabling more granular and efficient load distribution for applications running on GKE.

Prerequisites
Before you can create an Ingress, you must create the following DuploCloud resources:
GKE Standard users: create a DuploCloud Tenant, Node Pool, and Service.
GKE Autopilot users: create a DuploCloud Tenant, and Service.
See the DuploCloud GCP User Guide for steps on how to create Tenants, Node Pools and Services. Once your Tenant and Service are deployed, you can add and configure a Load Balancer listener.
Adding a Load Balancer listener with Kubernetes ClusterIP
In the DuploCloud Portal, navigate Kubernetes -> Services.
On the Services page, select the Service name from the NAME column.
Click the Load Balancers tab.
Click Configure Load Balancer. The Add Load Balancer Listener pane appears.

From the Select Type list box, select K8s ClusterIP.
Optionally, enable Advanced Kubernetes Settings and configure the External Traffic Policy and Extra Selector Labels fields.
Optionally, select Set HealthCheck annotations (this ensures the Kubernetes Service is recognized by the GKE Ingress Controller).
Optionally, enable Additional health check configs.
Click Add. The Load Balancer listener details will appear in the Load Balancers tab on the Service details page.

Creating a GCP Managed Certificate (optional)
To enable SSL, create a GCP-managed certificate resource in the application namespace, as shown in the example below.
apiVersion: networking.gke.io/v1
kind: ManagedCertificate
metadata:
name: my-managed-cert
namespace: duploservices-npdev04gke
spec:
domains:
- npdev04.duplocloud.net #your A record name in DNS
Adding a Kubernetes Ingress
Once a Service and Load Balancer are deployed, complete the following steps to add an Ingress:
Configuring the Ingress
Select Kubernetes -> Ingress from the navigation pane.
Click Add. The Add Kubernetes Ingress page displays.

Complete the fields to configure the Ingress:
Ingress Name
Enter a unique name for your Ingress.
Ingress Controller
Select GCE to use the Google Cloud Ingress Controller for GKE.
Visibility
Choose Internal Only or Public to define load balancer visibility.
DNS Prefix
Specify the DNS prefix for the Ingress (e.g., myapp
).
TLS Hosts
Enter the domain names to secure with TLS (e.g., example.com,www.example.com
), separated by commas.
TLS Secret Name
Enter the Kubernetes TLS secret containing the certificate and key. Must exist in the Ingress namespace.
Annotations
Optional: Add Kubernetes annotations in key=value
format. Use this to configure Ingress behavior or link to a GCP Managed Certificate.
Labels
Optionally, enter labels to organize the Ingress resource.
Before you can save the Ingress, you must add at least one rule. In the Ingress Rules section, click Add Rule. The Add Ingress Rule pane displays.

Complete the fields to configure the rule:
Path
Enter the URL path to match (e.g., /samplePath
).
Path Type
Select the path matching behavior, such as Exact
, Prefix
, or ImplementationSpecific
.
Host
Optionally, enter the hostname to match (e.g., api.example.com
).
Service
Select the Kubernetes Service to expose through the Ingress. Only Services using K8s ClusterIP are valid.
Container Port
Select the port from the Kubernetes service that ingress will use as backend port to serve the requests.
Click Add Rule to add the rule to the Ingress. Repeat the steps to define additional rules as needed.
After at least one rule is added, click Add to create the Ingress. Ingress creation will take a few minutes. Once the IP is attached to the Ingress, the Ingress displays on the Ingress page and you are ready to use your path- or host-based routing defined via Ingress.
Viewing an Ingress
You can view the Ingresses you have created by navigating to Kubernetes -> Ingress.
Click on an Ingress name in the NAME column to view Ingress details.

Last updated
Was this helpful?