tencent cloud

Tencent Kubernetes Engine

Release Notes and Announcements
Release Notes
Announcements
Release Notes
Product Introduction
Overview
Strengths
Architecture
Scenarios
Features
Concepts
Native Kubernetes Terms
Common High-Risk Operations
Regions and Availability Zones
Service Regions and Service Providers
Open Source Components
Purchase Guide
Purchase Instructions
Purchase a TKE General Cluster
Purchasing Native Nodes
Purchasing a Super Node
Getting Started
Beginner’s Guide
Quickly Creating a Standard Cluster
Examples
Container Application Deployment Check List
Cluster Configuration
General Cluster Overview
Cluster Management
Network Management
Storage Management
Node Management
GPU Resource Management
Remote Terminals
Application Configuration
Workload Management
Service and Configuration Management
Component and Application Management
Auto Scaling
Container Login Methods
Observability Configuration
Ops Observability
Cost Insights and Optimization
Scheduler Configuration
Scheduling Component Overview
Resource Utilization Optimization Scheduling
Business Priority Assurance Scheduling
QoS Awareness Scheduling
Security and Stability
TKE Security Group Settings
Identity Authentication and Authorization
Application Security
Multi-cluster Management
Planned Upgrade
Backup Center
Cloud Native Service Guide
Cloud Service for etcd
TMP
TKE Serverless Cluster Guide
TKE Registered Cluster Guide
Use Cases
Cluster
Serverless Cluster
Scheduling
Security
Service Deployment
Network
Release
Logs
Monitoring
OPS
Terraform
DevOps
Auto Scaling
Containerization
Microservice
Cost Management
Hybrid Cloud
AI
Troubleshooting
Disk Full
High Workload
Memory Fragmentation
Cluster DNS Troubleshooting
Cluster kube-proxy Troubleshooting
Cluster API Server Inaccessibility Troubleshooting
Service and Ingress Inaccessibility Troubleshooting
Common Service & Ingress Errors and Solutions
Engel Ingres appears in Connechtin Reverside
CLB Ingress Creation Error
Troubleshooting for Pod Network Inaccessibility
Pod Status Exception and Handling
Authorizing Tencent Cloud OPS Team for Troubleshooting
CLB Loopback
API Documentation
History
Introduction
API Category
Making API Requests
Elastic Cluster APIs
Resource Reserved Coupon APIs
Cluster APIs
Third-party Node APIs
Relevant APIs for Addon
Network APIs
Node APIs
Node Pool APIs
TKE Edge Cluster APIs
Cloud Native Monitoring APIs
Scaling group APIs
Super Node APIs
Other APIs
Data Types
Error Codes
TKE API 2022-05-01
FAQs
TKE General Cluster
TKE Serverless Cluster
About OPS
Hidden Danger Handling
About Services
Image Repositories
About Remote Terminals
Event FAQs
Resource Management
Service Agreement
TKE Service Level Agreement
TKE Serverless Service Level Agreement
Contact Us
Glossary
DocumentationTencent Kubernetes EngineApplication ConfigurationService and Configuration Management Ingress ManagementIngress Controllers

Ingress Controllers

PDF
Focus Mode
Font Size
Last updated: 2024-12-23 11:30:47

Ingress Controllers

Application CLB

Application CLB is a TKE Ingress Controller based on the Tencent Cloud Load Balancer (CLB), which can implement the access of different services in the cluster with different URLs. CLB directly forwards the traffic to a Pod through the NodePort (the traffic is forwarded to a Pod in the CLB-to-Pod direct access mode). One Ingress configuration is bound to one CLB instance (IP), which is suitable for scenarios that only require simple routing management and are insensitive to IP address convergence. For more information, see CLB Type Ingress.

Istio Ingress Gateway

Istio Ingress Gateway is an Ingress Controller based on Tencent Cloud CLB and Istio Ingress Gateway (provided by Tencent Cloud TCM). The control plane and related supporting components are maintained by Tencent Cloud. You only need to deploy the containerized data plane that performs traffic forwarding in the cluster. You can use native Kubernetes Ingress or Istio API that provides more refined traffic management capabilities. A layer of proxy (envoy) is added after CLB, which is suitable for scenarios where there are more requirements for access layer routing management, IP address convergence, and entrance traffic management of cross-cluster and heterogeneous deployment service.

Dedicated API Gateway

Dedicated API Gateway is a TKE Ingress Controller based on a dedicated Tencent Cloud API Gateway instance. It is suitable for scenarios where multiple TKE clusters require a unified access layer or the access layer requires authentication and traffic throttling. For more information, see API Gateway Type Ingress. It has the following strengths:
API Gateway is directly connected to the Pods of the TKE cluster without any intermediate nodes.
An API Gateway TKE tunnel can connect multiple TKE services at the same time, among which the traffic is distributed based on the weighted round robin algorithm.
Advanced extended capabilities provided by API Gateway can be used, such as authentication, traffic throttling, canary traffic distribution, caching, and downgrade upon circuit breaking.
Supported by a dedicated API Gateway instance, the underlying physical resources of a user are exclusive to the user, with a stable performance and high SLA delivered.

Nginx Ingress Controller

Nginx Ingress Controller is an Ingress controller based on Tencent Cloud CLB and Nginx reverse proxy (containerized deployment in cluster). It extends the features of native Kubernetes Ingress through Annotations, and adds a layer of proxy (nginx) after CLB, which is suitable for scenarios where there are more requirements for access layer routing management and IP address convergence. For more information, see Nginx Type Ingress.

Ingress Controllers Comparison

Module
Description
Application CLB
Istio Ingress Gateway (Provided by Tencent Cloud TCM)
Dedicated API Gateway
Nginx Ingress Controller
Traffic management
Supported protocols
HTTP and HTTPS
HTTP, HTTPS, HTTP2, GRPC, TCP, and TCP + TLS
HTTP, HTTPS, HTTP2, and GRPC
HTTP, HTTPS, HTTP2, GRPC, TCP, and UDP
IP Management
One Ingress rule corresponds to one IP (CLB).
Multiple Ingress rules correspond to one IP (CLB). IP address convergence is supported.
Multiple Ingress rules correspond to one IP (Dedicated API Gateway). IP address convergence is supported.
Multiple Ingress rules correspond to one IP (CLB). IP address convergence is supported.
Attribute route
HOST and URL
More attributes are supported, such as header, method, query, and parameter.
More attributes are supported, such as header, method, query, and parameter.
More attributes are supported, such as header and cookie.
Traffic behavior
Not supported
Behaviors such as rewrite and redirection are supported.
Redirection, custom request, and custom response are supported.
Behaviors such as rewrite and redirection are supported.
Region-aware load balancing
Not supported
Supported
Not supported
Not supported
Application access addressing
Service discovery
Single Kubernetes cluster
Multiple Kubernetes clusters + heterogeneous service
Multiple Kubernetes clusters
Single Kubernetes cluster
Security
SSL configuration
Supported
Supported
Supported
Supported
Authentication authorization
Not supported
Supported
Supported
Supported
Observability
Monitoring metrics
Supported (View in CLB)
Supported (Cloud native monitoring or Tencent Cloud Observability Platform)
Supported (View in API Gateway)
Supported (Cloud native monitoring)
Call tracing
Not supported
Supported
Not supported
Not supported
Add-on Ops
The associated CLB has been managed. You only need to run TKE Ingress Controller in the cluster.
The control plane has been managed. You only need to run the data plane Ingress Gateway.
You don't need to run the control plane in the Kubernetes cluster. Instead, simply enable the private network access feature in the cluster.
You need to run Nginx Ingress Controller in the cluster (control plane + data plane).

Previous Topic: Service AnnotationNext Topic: Overview

Help and Support

Was this page helpful?

Help us improve! Rate your documentation experience in 5 mins.

Feedback