Services expose TKE in clusters based on the layer-4 network. Exposed service types, such as ClusterIP, NodePort, or LoadBalancer are all based on the access entry of layer-4 network services. They lack Layer-7 network capabilities, such as load balancing, SSL, and name-based virtual hosts. An ingress exposes HTTP and HTTPS services in the layer-7 network and provides common layer-7 network capabilities.
An ingress is a collection of rules that allows access to services within a cluster. You can configure forwarding rules to allow different URLs to access different services within the cluster. To ensure proper ingress operation, a cluster needs to run Ingress Controller
. By default, a TKE cluster enables CLB-based TKE Ingress Controller
.
The external service capability of an ingress depends on resources provided by the CLB. Service resource management is one of the important function of an ingress. The following table describes the labels that an ingress will use for resource lifecycle management.
Label | Description |
---|---|
tke-createdBy-flag = yes |
|
tke-clusterId = &dxlt;clusterId&dxgt; |
|
tke-lb-ingress-uuid = &dxlt;Ingress UUID&dxgt; |
|
In addition to TKE Ingress Controller
provided by Tencent Cloud, the Kubernetes community has various third-party Ingress Controllers
. These ingress controllers expose services in the layer-7 network. The Kubernetes community allows you to use the kubernetes.io/ingress.class
annotation to distinguish different ingress controllers and determine the controller that processes an ingress. TKE Ingress Controller
also supports this annotation. The detailed rules and use suggestions are as follows:
kubernetes.io/ingress.class
annotation, TKE Ingress Controller
will manage the ingress.kubernetes.io/ingress.class
annotation and its value is qcloud
, TKE Ingress Controller
will manage the ingress.kubernetes.io/ingress.class
annotation content, TKE Ingress Controller
will add the ingress to or remove it from its management scope based on the annotation content. This operation will create or release an ingress.TKE Ingress Controller
is not required, you can change the number of Deployment
(kube-system:l7-lb-controller
) replicas in the cluster to 0 to disable the TKE Ingress Controller
feature.
Note:Before disabling the
TKE Ingress Controller
feature, ensure that no ingress is managed byTKE Ingress Controller
to prevent CLB release failures.
For more information about ingress-related operations and features, see the following documents:
Was this page helpful?