GKE Ingress
Create a GKE Ingress using the DuploCloud Portal
Creating a GKE Ingress Controller
GCP's Ingress Controller for GKE automatically manages traffic routing to Kubernetes services, integrating Kubernetes workloads with Google Cloud's load-balancing infrastructure. It simplifies external access to applications, handling SSL termination and global load distribution.
GCP offers its own Ingress Controller, specifically created for Google Kubernetes Engine (GKE), to seamlessly integrate Kubernetes services with Google Cloud's advanced load balancing features.
Container Native Load Balancing with GKE Ingress
Container-native load balancing on Google Cloud Platform (GCP) allows load balancers to directly target Kubernetes Pods instead of using a node-based proxy. This approach improves performance by enabling more efficient routing, reducing latency by eliminating extra hops and providing better health-checking capabilities.
It leverages the network endpoint groups (NEGs) feature to ensure that traffic is directed to the appropriate container instances, enabling more granular and efficient load distribution for applications running on GKE.
Prerequisites
Creating Tenants and Services
See the Containers topic for steps on how to create Tenants, and Services.
Once your services are deployed, you are ready to add and configure a GKE Ingress controller in GCP.
Adding a Duplo LoadBalancer listener with Kubernetes ClusterIP
Add a load balancer listener that uses Kubernetes (K8s) ClusterIP type service. Kubernetes Health Check and Probes are enabled by default. To specifically configure the settings for Health Check, select Additional Health Check configs when you add the Load Balancer.
In the DuploCloud Portal, navigate Kubernetes -> Services.
On the Services page, select the Service name in the Name column.
Click the Load Balancers tab.
Click Configure Load Balancer. The Add Load Balancer Listener pane appears.
From the Select Type list box, select K8S Cluster IP.
Complete the other required fields in the Add Load Balancer Listener pane and click Add. The Load Balancer displays in the Load Balancers tab.
Click Advanced Kubernetes Settings and enable Set Health Check annotations for Ingress. (This will add required annotations in Kubernetes Service to be recognized by the GKE Ingress Controller)
Click Add.
Create a GCP Managed Certificate (optional)
In order to enable SSL, you can create a GCP-managed certificate resource in the application namespace.
Add a Kubernetes Ingress
Once Services are deployed, add an Ingress:
Select Kubernetes -> Ingress from the navigation pane.
Click Add. The Add Kubernetes Ingress page displays.
You must define rules to add a Kubernetes Ingress. Continue to the next section to add rules to Kubernetes Ingress and complete the Ingress setup.
Add rules to Kubernetes Ingress and complete Ingress setup
In the Add Kubernetes Ingress page, configure Ingress by clicking Add Rule. The Add Ingress Rule pane displays.
Specify the Path (/samplePath/ in the example above).
From the Service Name list box, select the Service exposed through the K8S ClusterIP (nginx-test in the example above). The Container port field is completed automatically.
Click Add Rule. The rule is displayed on the Add Kubernetes Ingress page. Add additional rules by repeating the preceding steps.
On the Add Kubernetes Ingress page, specify the Ingress Name.
From the Ingress Controller list box, select gce.
From the Visibility list box, select Internal Only or Public.
If you have created a GCP managed certificate, add the following annotations in the Annotations field to link the Ingress with your GCP managed certificate
Click Add to add the Kubernetes Ingress with defined rules. The Ingress you added displays in the Ingress page.
Viewing Ingress
When Ingress is configured, you can access Services based on the rules for each DNS, displayed in the K8S Ingress tab.
In this example, we display the output for three Services with Path Type rules and different DNS names. See the previous example for detailed steps to create Ingress rules.
The Ingress creation will take a few minutes. Once the IP is attached to the ingress, you are ready to use your path- or host-based routing defined via ingress!
Last updated