tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Tencent Kubernetes Engine
    Documentation
    Download PDF

    Basic Ingress Features

    Last updated: 2023-05-06 19:41:07
    Download PDF

      Overview

      Ingress is a collection of rules that allow access to Services of a cluster. You can configure different forwarding rules to allow different URLs to access different Services. To properly run Ingress resources, the cluster must run an Ingress controller. TKE enables the CLB-based l7-lb-controller by default in the cluster. It supports HTTP and HTTPS as well as other self-built Ingress controllers in the cluster. You can select different Ingress types based on your business needs.

      Notes

      The architecture of Tencent Cloud Load Balancer (CLB) has been upgraded on March 6, 2023. After the upgrade, public network CLB instances deliver services through domain names. As service traffic increases, the VIP changes dynamically. Therefore, the VIP of a CLB instance is no longer displayed in the console. For more information, see Launch of Domain Name-Based Public CLB Instances.
      For new Tencent Cloud users, the upgraded domain name-based CLB instances are used by default.
      Existing users can choose to continue to use the original CLB instances, which are not affected by the upgrade. If you need to upgrade the CLB service, you need to upgrade both CLB and TKE. Otherwise, the synchronization of all public network Service/Ingress add-ons in TKE may be affected. For how to upgrade CLB, see Upgrading to Domain Name-based CLB. For how to upgrade TKE Service/Ingress add-ons, submit a ticket.
      Ingress API version support: extensions/v1beta1 and networking.k8s.io/v1beta1 ingress APIs are no longer provided in v1.22. networking.k8s.io/v1 APIs are available since v1.19 (which is v1.20 for TKE because TKE supports only even versions). For more information, see Kubernetes documentation.
      Do not use the same CLB for TKE and CVM.
      For a CLB managed by TKE, you cannot modify its listeners, forward paths, certificates, and backend-bound servers on the CLB console. Changes made on the CLB console will be automatically overwritten by TKE.
      When using an existing CLB:
      You can only use load balancers created through the CLB console, not balancers automatically created by TKE.
      Do not use one CLB for multiple Ingresses.
      Do not use the same CLB for Ingress and Service.
      After you delete an Ingress, the real server bound to the reused CLB will need to be unbound manually. tag tke-clusterId: cls-xxxx will be kept for the CLB and will need to be cleared manually.
      By default, you can create up to 50 forwarding rules under a single CLB instance. If you need more, submit a ticket to increase the quota.
      The management and sync of configurations between Ingress and CLB instances are based on the resource object of the LoadBalancerResource type named the CLB ID. Do not perform any operations on this CRD; otherwise, the Ingress may fail.

      Managing Ingress in Console

      Creating an Ingress

      1. Log in to the TKE console.
      2. In the left sidebar, click Cluster to go to the cluster management page.
      3. Click the cluster ID where the Ingress needs to be created to go to the cluster management page.
      4. Select Service > Ingress to go to the Ingress information page.
      5. Click Create to go to the Create an Ingress page.
      
      6. Set the Ingress parameters based on your actual needs. The key parameters are as follows:
      Ingress name: Custom.
      Network type: The default value is Public network. Select another network if needed.
      IP Version: You can select IPv4 or IPv6 NAT64 as needed.
      Load balancer: Create one automatically or use an existing CLB.
      Namespace: Select the namespace based on your actual needs.
      Forwarding Configuration: The default value of Protocol is Http. You can select a protocol as needed. If you select Https, you need to bind the server certificate to ensure access security.
      
      For more information, see Certificate Requirements and Certificate Format Conversion.
      Forwarding configuration: Set this parameter as needed.
      7. Click Create Ingress to create an Ingress.

      Updating an Ingress

      Updating YAML

      1. Log in to the TKE console.
      2. In the left sidebar, click Cluster to go to the cluster management page.
      3. Click the cluster ID for which you want to update the YAML to go to the cluster management page.
      4. Select Service > Ingress to go to the Ingress information page.
      
      5. In the row of the Ingress for which you want to update YAML, click Edit YAML to go to the Update an Ingress page.
      6. On the Update an Ingress page, edit YAML and click Complete to update YAML.

      Updating a forwarding rule

      1. On the cluster management page, click the cluster ID for which you want to update the YAML to go to the cluster management page.
      2. Select Service > Ingress to go to the Ingress information page.
      
      3. In the row of the Ingress for which you want to update the forwarding rule, click Update the forwarding configuration to go to the Update forwarding configuration page as shown in the figure below:
      
      4. Modify the forwarding configuration based on your actual needs and click Update forwarding configuration to complete the update.

      Managing Ingresses Using Kubectl

      YAML sample

      apiVersion: extensions/v1beta1
      kind: Ingress
      metadata:
        annotations:
          kubernetes.io/ingress.class: qcloud ## Options: qcloud (CLB-type Ingress), nginx (nginx-ingress), traefik 
          ## kubernetes.io/ingress.existLbId: lb-xxxxxxxx  ## Specify an existing load balancer to be used to create the Ingress for public/private network access.
          ## kubernetes.io/ingress.subnetId: subnet-xxxxxxxx  ## If you are creating a CLB-type private network Ingress, you need to specify this annotation.
        name: my-ingress
        namespace: default
      spec:
        rules:
        - host: localhost
          http:
            paths:
            - backend:
                serviceName: non-service
                servicePort: 65535
              path: /
      kind: Ingress resource type.
      metadata: Basic information such as Ingress name and Label.
      metadata.annotations: An additional description of the Ingress. You can set additional enhancements for TKE through this parameter.
      spec.rules: Ingress forwarding rule, which can be configured to implement a simple routing service, domain name-based simple fan-out routing, default domain name for simple routing, and a securely configured routing service.

      annotations: create an Ingress for public/private network access using an existing load balancer

      If the existing application CLB is idle and you want to use it for an Ingress created by TKE or you want to use the same CLB within the cluster, you can set it using the following annotations:
      Note
      Please read the Notes before use.
      metadata:
        annotations:
          kubernetes.io/ingress.existLbId: lb-6swtxxxx

      annotations: create a private network Ingress of the CLB type

      If you need to use a private network CLB, set it with the following annotations:
      metadata:
        annotations:
          kubernetes.io/ingress.subnetId: subnet-xxxxxxxx

      Notes

      If you are using an account with IP bandwidth packages, you need to specify the following two annotations when creating a service accessible to the public network:
      kubernetes.io/ingress.internetChargeType identifies the public network bandwidth billing method. Options include:
      TRAFFIC_POSTPAID_BY_HOUR (bill-by-traffic)
      BANDWIDTH_POSTPAID_BY_HOUR (bill-by-bandwidth)
      kubernetes.io/ingress.internetMaxBandwidthOut identifies the bandwidth cap (value range: [1, 2000] Mbps). Example:
      metadata:
      annotations:
        kubernetes.io/ingress.internetChargeType: TRAFFIC_POSTPAID_BY_HOUR
        kubernetes.io/ingress.internetMaxBandwidthOut: "10"
      For more information on IP bandwidth packages, see Bandwidth Package Types.

      Creating an Ingress

      1. Prepare the Ingress YAML file as instructed in the YAML sample.
      2. Install kubectl and connect to a cluster. For detailed operations, see Connecting to a Cluster.
      3. Run the following command to create the Ingress YAML file:
      kubectl create -f Ingress YAML filename
      For example, to create an Ingress YAML file named “my-ingress.yaml”, run the following command:
      kubectl create -f my-ingress.yaml
      4. Run the following command to check whether the creation is successful:
      kubectl get ingress
      If a message similar to the following is returned, the creation is successful.
      NAME          HOSTS       ADDRESS   PORTS     AGE
      clb-ingress   localhost             80        21s

      Updating an Ingress

      Method 1

      Run the following command to update an Ingress:
      kubectl edit  ingress/[name]

      Method 2

      1. Manually delete the old Ingress.
      2. Run the following command to recreate an Ingress:
      kubectl create/apply
      
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy