GKE Ingress

Create a GKE Ingress using the DuploCloud Portal

Creating a GKE Ingress Controller

GCP's Ingress Controller for GKE automatically manages traffic routing to Kubernetes services, integrating Kubernetes workloads with Google Cloud's load-balancing infrastructure. It simplifies external access to applications, handling SSL termination and global load distribution.

GCP offers its own Ingress Controller, specifically created for Google Kubernetes Engine (GKE), to seamlessly integrate Kubernetes services with Google Cloud's advanced load balancing features.

Container Native Load Balancing with GKE Ingress

Container-native load balancing on Google Cloud Platform (GCP) allows load balancers to directly target Kubernetes Pods instead of using a node-based proxy. This approach improves performance by enabling more efficient routing, reducing latency by eliminating extra hops and providing better health-checking capabilities.

It leverages the network endpoint groups (NEGs) feature to ensure that traffic is directed to the appropriate container instances, enabling more granular and efficient load distribution for applications running on GKE.


Creating Tenants and Services

See the Containers topic for steps on how to create Tenants, and Services.

Once your services are deployed, you are ready to add and configure a GKE Ingress controller in GCP.

Adding a Duplo LoadBalancer listener with Kubernetes ClusterIP

Add a load balancer listener that uses Kubernetes (K8s) ClusterIP type service. Kubernetes Health Check and Probes are enabled by default. To specifically configure the settings for Health Check, select Additional Health Check configs when you add the Load Balancer.

  1. In the DuploCloud Portal, navigate Kubernetes -> Services.

  2. On the Services page, select the Service name in the Name column.

  3. Click the Load Balancers tab.

  4. Click Configure Load Balancer. The Add Load Balancer Listener pane appears.

  1. From the Select Type list box, select K8S Cluster IP.

  2. Complete the other required fields in the Add Load Balancer Listener pane and click Add. The Load Balancer displays in the Load Balancers tab.

  3. Click Advanced Kubernetes Settings and enable Set Health Check annotations for Ingress. (This will add required annotations in Kubernetes Service to be recognized by the GKE Ingress Controller)

  4. Click Add.

Create a GCP Managed Certificate (optional)

In order to enable SSL, you can create a GCP-managed certificate resource in the application namespace.

apiVersion: networking.gke.io/v1
kind: ManagedCertificate
  name: my-managed-cert
  namespace: duploservices-npdev04gke
  - npdev04.duplocloud.net #your A record name in DNS

Add a Kubernetes Ingress

Once Services are deployed, add an Ingress:

  1. Select Kubernetes -> Ingress from the navigation pane.

  2. Click Add. The Add Kubernetes Ingress page displays.

You must define rules to add a Kubernetes Ingress. Continue to the next section to add rules to Kubernetes Ingress and complete the Ingress setup.

Add rules to Kubernetes Ingress and complete Ingress setup

  1. In the Add Kubernetes Ingress page, configure Ingress by clicking Add Rule. The Add Ingress Rule pane displays.

  1. Specify the Path (/samplePath/ in the example above).

  2. From the Service Name list box, select the Service exposed through the K8S ClusterIP (nginx-test in the example above). The Container port field is completed automatically.

  3. Click Add Rule. The rule is displayed on the Add Kubernetes Ingress page. Add additional rules by repeating the preceding steps.

  1. On the Add Kubernetes Ingress page, specify the Ingress Name.

  2. From the Ingress Controller list box, select gce.

  3. From the Visibility list box, select Internal Only or Public.

  4. If you have created a GCP managed certificate, add the following annotations in the Annotations field to link the Ingress with your GCP managed certificate

"networking.gke.io/managed-certificates" = "my-managed-cert",
"kubernetes.io/ingress.allow-http" = "false"
  1. Click Add to add the Kubernetes Ingress with defined rules. The Ingress you added displays in the Ingress page.

Viewing Ingress

When Ingress is configured, you can access Services based on the rules for each DNS, displayed in the K8S Ingress tab.

In this example, we display the output for three Services with Path Type rules and different DNS names. See the previous example for detailed steps to create Ingress rules.

The Ingress creation will take a few minutes. Once the IP is attached to the ingress, you are ready to use your path- or host-based routing defined via ingress!

Last updated


© DuploCloud, Inc. All rights reserved. DuploCloud trademarks used herein are registered trademarks of DuploCloud and affiliates