- Product Updates
- Product Introduction
- Purchase Guide
- Quick Start
- User Guide
- Notes on the New Console
- High-risk Operations of Container Service
- Deploying Containerized Applications in the Cloud
- Open Source Components
- Cluster Management
- Cluster Overview
- Cluster Hosting Modes Introduction
- Image explanation of TKE-Optimized series
- Cluster Lifecycle
- Creating a Cluster
- Cluster Scaling
- Connecting to a Cluster
- Upgrading a Cluster
- Enabling IPVS for a Cluster
- Enabling GPU Scheduling for a Cluster
- CVM Container Cluster Network
- Registered Container Cluster in Cloud Networking
- Configuring Intra-Region and Cross-region Peering
- Setting Communication Between Cluster Container and IDC
- Enabling VPC-CNI for a Cluster
- Node Management
- Kubernetes Object Management
- Overview
- Namespace
- Workload
- Deployment Management
- StatefulSet Management
- DaemonSet Management
- Job Management
- CronJob Management
- Setting the Resource Limit of Workload
- Setting the Scheduling Rule for a Workload
- Setting the Health Check for a Workload
- Setting the Run Command and Parameter for a Workload
- Managing StatefulSets with Static Pod IP Addresses
- Auto Scaling
- Service
- Configuration
- Storage Management
- Helm Application
- Image Registries
- OPS Center
- Monitoring and Alarms
- Remote Terminals
- Elastic Cluster Guide
- Edge Cluster Guide
- Best Practices
- Cluster Auto Scaling Practices
- Application High Availability Deployment
- Using Network Policy for Network Access Control
- Building a Simple Web Application
- docker run Parameter Adaptation
- Multiple Containers in One Pod
- Using NodeLocal DNS Cache in a TKE Cluster
- Removing and Re-adding Nodes from and to Cluster
- Construction and Deployment of Jenkins Public Network Framework Appications based on TKE
- Solve the inconsistent time zone problem in the container
- Access Management
- Fault Handling
- API documentation
- Introduction
- API Category
- Making API Requests
- Other APIs
- Scaling group related interfaces
- Node-related APIs
- Cluster-related APIs
- CreateClusterEndpoint
- CreateClusterEndpointVip
- DeleteCluster
- DeleteClusterEndpoint
- DeleteClusterEndpointVip
- CreateCluster
- DescribeClusterEndpointStatus
- DescribeClusterEndpointVipStatus
- DescribeClusterInstances
- DescribeClusterSecurity
- ModifyClusterAttribute
- DescribeClusters
- ModifyClusterEndpointSP
- DeleteClusterInstances
- AddExistedInstances
- API Mapping Guide
- Data Types
- Error Codes
- FAQs
- Notice
- Service Level Agreement
- Glossary
- User Guide(Old)
- Product Updates
- Product Introduction
- Purchase Guide
- Quick Start
- User Guide
- Notes on the New Console
- High-risk Operations of Container Service
- Deploying Containerized Applications in the Cloud
- Open Source Components
- Cluster Management
- Cluster Overview
- Cluster Hosting Modes Introduction
- Image explanation of TKE-Optimized series
- Cluster Lifecycle
- Creating a Cluster
- Cluster Scaling
- Connecting to a Cluster
- Upgrading a Cluster
- Enabling IPVS for a Cluster
- Enabling GPU Scheduling for a Cluster
- CVM Container Cluster Network
- Registered Container Cluster in Cloud Networking
- Configuring Intra-Region and Cross-region Peering
- Setting Communication Between Cluster Container and IDC
- Enabling VPC-CNI for a Cluster
- Node Management
- Kubernetes Object Management
- Overview
- Namespace
- Workload
- Deployment Management
- StatefulSet Management
- DaemonSet Management
- Job Management
- CronJob Management
- Setting the Resource Limit of Workload
- Setting the Scheduling Rule for a Workload
- Setting the Health Check for a Workload
- Setting the Run Command and Parameter for a Workload
- Managing StatefulSets with Static Pod IP Addresses
- Auto Scaling
- Service
- Configuration
- Storage Management
- Helm Application
- Image Registries
- OPS Center
- Monitoring and Alarms
- Remote Terminals
- Elastic Cluster Guide
- Edge Cluster Guide
- Best Practices
- Cluster Auto Scaling Practices
- Application High Availability Deployment
- Using Network Policy for Network Access Control
- Building a Simple Web Application
- docker run Parameter Adaptation
- Multiple Containers in One Pod
- Using NodeLocal DNS Cache in a TKE Cluster
- Removing and Re-adding Nodes from and to Cluster
- Construction and Deployment of Jenkins Public Network Framework Appications based on TKE
- Solve the inconsistent time zone problem in the container
- Access Management
- Fault Handling
- API documentation
- Introduction
- API Category
- Making API Requests
- Other APIs
- Scaling group related interfaces
- Node-related APIs
- Cluster-related APIs
- CreateClusterEndpoint
- CreateClusterEndpointVip
- DeleteCluster
- DeleteClusterEndpoint
- DeleteClusterEndpointVip
- CreateCluster
- DescribeClusterEndpointStatus
- DescribeClusterEndpointVipStatus
- DescribeClusterInstances
- DescribeClusterSecurity
- ModifyClusterAttribute
- DescribeClusters
- ModifyClusterEndpointSP
- DeleteClusterInstances
- AddExistedInstances
- API Mapping Guide
- Data Types
- Error Codes
- FAQs
- Notice
- Service Level Agreement
- Glossary
- User Guide(Old)
Ingress Management
Last updated: 2020-05-28 10:47:41
Introduction
An Ingress is a collection of rules that allow access to services within a cluster. You can configure different forwarding rules to allow different URLs to access different services within the cluster.
For the proper running of Ingress resources, the cluster must run an Ingress controller. TKE enables the CLB-based l7-lb-controller by default in the cluster. It supports HTTP, HTTPS, and nginx-ingress types. You can select different Ingress types based on your business needs.
Notes
- Do not use the same CLB for TKE and CVM.
- For a CLB managed by TKE, you cannot modify its listeners, forwarding paths, certificates, and backend-bound servers on CLB console. Changes made on the CLB console will be automatically overwritten by TKE.
- When using an existing CLB:
- You can only use load balancers created through the CLB Console, not balancers automatically created by TKE.
- Do not use one CLB for multiple Ingresses.
- Do not use the same CLB for Ingress and Service.
- When you delete an Ingress, the real server bound to the reused CLB needs to be unbound manually, and
tag tke-clusterId: cls-xxxxis kept for the CLB. You need to clear it manually.
Operation Guide for Ingresses in the Console
Creating an Ingress
- Log in to the TKE Console.
- In the left sidebar, click Clusters to go to the cluster management page.
- Click the cluster ID where the Ingress needs to be created to go to the cluster management page.
- Select Service -> Ingress to go to the Ingress information page.
- Click Create to go to the Create an Ingress page. See the figure below:
- Set the Ingress parameters as needed. Key parameters are as follows:
- Ingress name: custom.
- Network type: the default value is "Public network". Select an option as needed.
- Load balancer: create one automatically or use an existing CLB.
- Namespace: select an option as needed.
- Listener port: the default is Http:80. Select another port if needed.
If Https:443 is selected, a server certificate must be bound to ensure access security. For more information, see SSL certificate format requirements and format conversion description. - Forwarding configuration: set this parameter as needed.
- Click Create Ingress to create an Ingress.
Updating an Ingress
Updating YAML
- Log in to the TKE Console.
- In the left sidebar, click Clusters to go to the cluster management page.
- Click the cluster ID for which you want to update the YAML to go to the cluster management page.
- Select Service -> Ingress to go to the Ingress information page. See the figure below:
- In the row of the Ingress for which you want to update YAML, click Edit YAML to go to the Update an Ingress page.
- On the Update an Ingress page, edit YAML and click Complete to update YAML.
Updating a forwarding rule
- On the cluster management page, click the cluster ID for which you want to update the YAML to go to the cluster management page.
- Select Service -> Ingress to go to the Ingress information page. See the figure below:
- In the row of the Ingress for which you want to update the forwarding rule, click Update forwarding configuration to go to the Update forwarding configuration page. See the figure below:
- Modify the forwarding configuration based on actual needs and click Update forwarding configuration to complete the update.
Managing Ingress Using kubectl
YAML sample
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: qcloud ## Options: qcloud (CLB-type Ingress), nginx (nginx-ingress)
## kubernetes.io/ingress.existLbId: lb-xxxxxxxx ## Specify an existing load balancer to use to create the Ingress for public/private network access.
## kubernetes.io/ingress.subnetId: subnet-xxxxxxxx ## If you are creating a CLB-type private network Ingress, you need to specify this annotation.
name: my-ingress
namespace: default
spec:
rules:
- host: localhost
http:
paths:
- backend:
serviceName: non-service
servicePort: 65535
path: /- kind: identifies the Ingress resource type.
- metadata: basic information such as Ingress name and Label.
- metadata.annotations: an additional description of the Ingress. You can set additional enhancements for TKE through this parameter.
- spec.rules: the Ingress forwarding rule, which can be configured to implement a simple routing service, domain name-based simple fan-out routing, default domain name for simple routing, and securely configured routing service.
annotations: create an Ingress for public/private network access using an existing load balancer
If the existing application CLB is idle and you want to use it for an Ingress created by TKE or you want to use the same CLB within the cluster, you can set it using the following annotations:
Read the Notes before using it.
metadata:
annotations:
kubernetes.io/ingress.existLbId: lb-6swtxxxxannotations: create an Ingress of the CLB type
If you need to use a private network CLB, set it with the following annotations:
metadata:
annotations:
kubernetes.io/ingress.subnetId: subnet-xxxxxxxxNotes
If you are using an account with IP bandwidth packages, you need to specify the following two annotations when creating a service accessible to the public network:
kubernetes.io/ingress.internetChargeTypeidentifies the public network bandwidth billing method. Optional values include:- TRAFFIC_POSTPAID_BY_HOUR (Bill-by-traffic)
- BANDWIDTH_POSTPAID_BY_HOUR (Bill-by-bandwidth)
kubernetes.io/ingress.internetMaxBandwidthOutfor bandwidth upper limit (value range: [1,2000] Mbps).
For example:
metadata: annotations: kubernetes.io/ingress.internetChargeType: TRAFFIC_POSTPAID_BY_HOUR kubernetes.io/ingress.internetMaxBandwidthOut: "10"
Creating an Ingress
- Prepare the Ingress YAML file as instructed by YAML sample.
- Install kubectl and connect to a cluster. For detailed operations, please see Connecting to a Cluster.
- Run the following command to create the Ingress YAML file.
For example, to create an Ingress YAML file named my-ingress.yaml, run the following command:kubectl create -f Ingress YAML filenamekubectl create -f my-ingress.yaml - Run the following command to check whether the Ingress YAML file was successfully created:
A message similar to the one below indicates that the Ingress YAML file is successfully created.kubectl get ingressNAME HOSTS ADDRESS PORTS AGE clb-ingress localhost 80 21s
Updating an Ingress
Method 1
Run the following command to update an Ingress:
kubectl edit ingress/[name]Method 2
- Manually delete the old Ingress.
- Run the following command to recreate an Ingress:
kubectl create/apply
Was this page helpful?