k8s Ingress Practice

Exposing a deployment with kubernetes Imperatively

kubectl expose deployment scraper --type=ClusterIP --port=3030 --target-port=3030

Generate an ingress to expose deployment Imperatively. Following is an example of host based ingress

kubectl create ingress meroingress --rule="red.logpoint.com.np/*=scrapersvc:3030" --rule="blue.logpoint.com.np/*=scrapersvc:3030" --annotation kubernetes.io/ingress.class=nginx --dry-run=client -o yaml > meroingress.yaml

The nginx ingress definition generated will be as follows. It exposes the services based on multiple hostnames. Ingress can also host services based on paths

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: nginx
  creationTimestamp: null
  name: meroingress
spec:
  rules:
  - host: red.logpoint.com.np
    http:
      paths:
      - backend:
          service:
            name: scraper
            port:
              number: 3030
        path: /
        pathType: Prefix
  - host: blue.logpoint.com.np
    http:
      paths:
      - backend:
          service:
            name: scraper
            port:
              number: 3030
        path: /
        pathType: Prefix
status:
  loadBalancer: {}

Path based Ingress can be generated imperatively. Following is an example of generating Path based ingress. It combines annnotations from cert-manager to generate tls cert automatically. Also annotation from nginx-ingress itself to rewrite the URL from a path based notation to /. /admin URI from client side will be redirect to / on the service handling administrative operations.

kubectl create ingress multipath --rule="pre.logpoint.com.np/admin*=scraper:3030,tls=logpoint-ingress" --rule="pre.logpoint.com.np/press*=pressvc:8090" --dry-run=client --annotation kubernetes.io/ingress.class=nginx --annotation cert-manager.io/cluster-issuer=ca-issuer --annotation nginx.ingress.kubernetes.io/rewrite-target=/ -o yaml

It generates

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    cert-manager.io/cluster-issuer: ca-issuer
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/rewrite-target: /
  creationTimestamp: null
  name: multipath
spec:
  rules:
  - host: pre.logpoint.com.np
    http:
      paths:
      - backend:
          service:
            name: scraper
            port:
              number: 3030
        path: /admin
        pathType: Prefix
      - backend:
          service:
            name: presssvc
            port:
              number: 8090
        path: /press
        pathType: Prefix
  tls:
  - hosts:
    - pre.logpoint.com.np
    secretName: logpoint-ingress
status:
  loadBalancer: {}