Accessing Apinizer Services with Kubernetes Ingress
Kubernetes provides a powerful platform for managing distributed applications. However, a suitable way is required to provide access to these applications from the outside world. At this point, Kubernetes' Ingress object and NGINX Ingress Controller come into play. This document provides a step-by-step explanation of how to install the NGINX Ingress Controller and how to access Apinizer Services with Ingress
What is Kubernetes Ingress?
Ingress is a Kubernetes object used to provide access to applications within a Kubernetes cluster from the outside world.
It can route requests coming to a specific host name or path to a specific service. For example, it can route a request coming to example.com/app to a Kubernetes service named app-service.
What is Nginx Ingress Controller?
The NGINX Ingress Controller utilizes NGINX to route requests to applications running in a Kubernetes cluster. It monitors Ingress objects and directs incoming requests to different services based on specific rules.
In addition to NGINX, various other Ingress Controllers exist in the Kubernetes ecosystem. Some of these include: traefik, HAProxy, Envoy, Ambassador.
In this document, access to the application is provided by deploying an NGINX Ingress Controller. When you want to expose your Kubernetes cluster to the outside world in your cloud provider (AWS, GCP, Azure, etc.), you create a service of type LoadBalancer, and an IP address is automatically assigned to cluster. This IP address is used to access the service from outside. However, in on-premises or bare-metal environments, you need a tool like MetalLB to provide LoadBalancer functionality.
MetalLB is used to allocate IP addresses dynamically in Kubernetes clusters running in on-premises or bare-metal environments. It acts as a LoadBalancer implementation for environments where the cloud provider does not offer native LoadBalancer support. With MetalLB, you can expose your services externally using standard LoadBalancer type services in Kubernetes, just like you would in a cloud environment.
This tutorial will explain ingress installation for a virtual machine with the Ubuntu operating system located locally.
If you are working in a cloud environment, you can skip the MetalLB installation.
MetalLB installation
MetalLB (Metal Load Balancer) is a network load balancer solution for Kubernetes clusters.
With the following command, we can perform the installation of MetalLB on the Kubernetes cluster.
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.5/config/manifests/metallb-native.yamlCheck the status of the pods created with the following command and wait until they become "ready".
kubectl get all -n metallb-systemCreating External IP Pool
For MetalLB usage, an IP address pool needs to be created.
Create a YAML file and add the content below, which is of type IPAddressPool.
vim ip-pool.yamlThe IP range you specify in the address section will be the IP address accessible from external environments.
You need to provide an empty range accessible from the local network. In this example, the range 172.16.100.170-172.16.100.180 has been provided.
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: ip-pool
namespace: metallb-system
spec:
addresses:
- 172.16.100.170-172.16.100.180By applying the YAML file, create an IP address pool.
kubectl apply -f ip-pool.yamlNow, the IP addresses within the specified range have been added to this pool. When you create a service of type LoadBalancer, an IP will be automatically assigned to you.
Installation of Nginx Controller
You can install nginx controller on a Kubernetes cluster using Helm.
The purpose of using Helm is to manage all the configuration files required to deploy applications on the Kubernetes cluster and to facilitate the installation process.
In this step, first install Helm, then add the Nginx controller repository.
sudo snap install helm --classic
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo updateNow, nginx-controller installation can be performed using Helm.
helm install ingress-nginx ingress-nginx/ingress-nginx --namespace ingress --set controller.ingressClassResource.name=nginx --create-namespaceRunning the command above will give you output below.
After the successful completion of the Nginx Controller installation, there is a specific verification step.
Now, it should be checked whether an IP has been assigned to the external-ip field of the ingress-nginx-controller service, which is created during the installation and is of type loadbalancer.
kubectl get svc -n ingress-nginxWhen checked, it is observed that an external IP has been assigned for external access.
Nginx controller is now in a ready state.
The next step to access the Apinizer application is to create an Ingress object. This will facilitate access to the Apinizer Management Console by defining a specific DNS name and prefix.
Example of Apinizer Deployment
The output of the following command shows the namespace and POD where the Apinizer Management Console is running.
The Ingress definitions required for accessing our application running in this pod (for the screen below to appear) will be explained in the next section.
Creating an Ingress Object
Before using Ingress, an Ingress resource needs to be created to define how your application will be accessed via URLs.
The Ingress resource specifies rules that the Nginx Ingress Controller follows to route incoming requests to their destinations.
Create a YAML file and customize the relevant configurations to create an Ingress object in Kubernetes according to your needs.
vi ingress.yamlAdd the content of the Ingress and adjust the fields mentioned in the warning section according to your preferences.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: manager-ingress
namespace: apinizer
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/rewrite-target: /index.html
spec:
rules:
- host: demo.apinizer.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: manager
port:
number: 8080
You can customize the specified fields according to your own application.
host: demo.apinizer.com In this field, Ingress rules are defined. The Host field specifies to which DNS name incoming requests should be routed.
path: / In this area, it is specified which destination the incoming requests will be routed to based on a specific URL path. In this example, requests with the / path adhere to this rule.
pathType: Prefix In this field, it is indicated that the specified path is a prefix. Therefore, requests with the / path match all paths starting with the / prefix.
backend: service: name: manager In this field, the name of the destination service where requests will be routed is written.
port: number: 8080 In this field, the port number of your service (8080) is specified.
Create an Ingress object using the YAML file.
kubectl apply -f ingress.yamlYou can run the following command to verify the accuracy and functionality of the created Ingress object.
kubectl get ing -AThe Ingress object has been created, and the IP address generated in the ingress-nginx-controller service is displayed in the address field.
Additionally, you should also see the host address you specified in the Ingress YAML file here.
Important: It may take 1-2 minutes for the Ingress to show its address, so you may need to wait and check several times.
If you haven't purchased a domain name from a service provider, you can make a local record on your own computer for testing purposes. The following document explains how to do this based on a server with the Ubuntu operating system.
First, if you want to add a DNS record on your own computer to manage your domain, you can follow the steps below:
Local DNS configuration
First step, open the /etc/hosts file with a text editor.
This file is a local DNS (Domain Name System) file where IP addresses and corresponding hostnames are mapped.
vi /etc/hostsAdd the external IP address provided by the ingress-nginx-controller service from Nginx Controller and the DNS address you specified in the Ingress YAML file to this file.
<external-ip> myapp.example.comResult
For the test step, you can use the curl command or access it through a browser.
When a request is made to the demo.apinizer.com/apinizer/management/health address using curl, the result is as follows:
When accessed through the browser, the Apinizer Management Console screen will appear.
You are now using an Ingress to access Apinizer, and the expected result was successful.