Set up Kubernetes Ingress and Load Balancer with K8s NodePort
Ingress controllers abstract the complexity of routed Kubernetes application traffic, providing a bridge between Kubernetes services and services that you define.
See the DuploCloud documentation for instructions to add Tenants, Hosts, and Services.
An administrator needs to enable the AWS Application Load Balancer controller for your Infrastructure before you can use Ingress.
In the DuploCloud Portal, navigate to Administrator -> Infrastructure and select the Infrastructure name from the NAME column.
Select the Settings tab, and click Add. The Infra - Custom Data pane displays.
From the Setting Name list box, select Enable ALB Ingress Controller.
Select Enable.
Click Set. In the Settings tab, the Enable ALB Ingress Controller setting displays a value of true.
Add a Load Balancer listener that uses Kubernetes (K8s) NodePort.
In the DuploCloud Portal, navigate to Kubernetes -> Services.
Select your Service name from the NAME column.
Select the Load Balancers tab.
Click Configure Load Balancer. The Add Load Balancer Listener pane appears.
In the Select Type field, select K8S Node Port.
Enter the Container port and External port.
Optionally, enable Advanced Kubernetes settings.
Kubernetes Health Check and Probes are enabled by default. To manually configure Health Check settings, select Additional health check configs.
Click Add. The Load Balancer listener is displayed under LB Listeners on the Load Balancers tab.
In the Select Type field, select K8S Node Port.
Complete the Container port and External port fields.
In the Health Check field, enter /
.
Complete the other required fields in the Add Load Balancer Listener pane as needed.
Click Add. The Load Balancer displays in the Load Balancers tab.
Select Kubernetes -> Ingress from the navigation pane.
Click Add. The Add Kubernetes Ingress page displays.
Enter a name in the Ingress Name field.
From the Ingress Controller list box, select the Ingress Controller that you defined previously.
From the Visibility list box, select either Internal Only or Public.
From the Certificate ARN list box, select the appropriate ARN.
To expose your services over HTTP or HTTPS, enter the listener ports in the HTTP Listener Port and HTTPS Listener Port fields.
In the Target Type field, specify how you want to route traffic to Pods. You can choose between Instance (Worker Nodes) or IP (Pod IPs).
Instance (Worker Nodes) routes traffic to all EC2 instances within the cluster on the NodePort opened for your Service. To use the Instance target type, the Service must be NodePort or LoadBalancer type.
IP (Pod IPs) routes traffic directly to the Pod IP. The network plugin must use secondary IP addresses on ENI (e.g., amazon-vpc-cni-k8s) for the Pod IP to use IP mode. The Service can be of any type (e.g., ClusterIP, NodePort, or LoadBalancer). IP mode is required for sticky sessions to work with Application Load Balancers.
To add a Kubernetes Ingress, you must define rules. Continue to the next section to add rules to Kubernetes Ingress and complete the setup.
On the Add Kubernetes Ingress page, click Add Rule. The Add Ingress Rule pane displays.
Specify the Path (/ in the example above) and Path Type (Exact, Prefix, or Implementation Specific).
Optionally, enter a Host in the Host field.
Select the Service Name (the Container Port field is automatically completed), or, use the toggle switch to enable Use Container Port Name, and manually complete the Service Name and Container Port Name fields.
Click Add Rule. The rule will be displayed on the Add Kubernetes Ingress page. Repeat steps 1-7 to add additional rules.
On the Add Kubernetes Ingress page, click Add Redirect Config. The Add Redirect Config pane displays.
In the Name field, enter a descriptive name for the Ingress redirect configuration.
In the Host field, specify the domain name for which this redirect rule will apply.
In the Path field, Define the path that should trigger the redirect.
Enter the Port for the backend service or redirect.
Enter the Protocol to enforce (e.g., HTTPS).
If Applicable, in the Query field, specify query parameters for the redirect.
In the Status Codes field, enter the HTTP status code for the redirect.
Optionally, in the Annotations field, enter additional configuration options specific to the Ingress controller.
Click Add to add the Kubernetes Ingress with defined rules and configurations. The Ingress you added displays in the K8S Ingress tab.
DuploCloud Platform supports defining multiple paths in Ingress.
When Ingress is configured, view details by navigating to Kubernetes -> Ingress, and selecting your Ingress from the NAME column.
curl
CommandsYou can also view Ingress details using curl
commands. Curl commands are configured with the DNS names and paths (as defined in your Ingress rules) in the format: curl http://<dns1>/<path1>
. The responses from these requests will show how traffic is being routed according to the Ingress configuration. For example, see the following three commands and responses:
Command: curl http://ig-nev-ingress-ing-t2-1-duplopoc.net/path-x/
Response: this is service1
Command: curl http://ing-doc-ingress-ing-t2-1-duplopoc.net/path-y/
Response: this is service2
Command: curl http://ing-public-ingress-ing-t2.1.duplopoc.net/path-z/
Response: this is ING2-PUBLIC