NGINX Ingress Controller on Google Kubernetes Engine
In Kubernetes, Ingress allows external users and client applications access to HTTP services. Ingress consists of two components: an Ingress Resource and an Ingress Controller:
- Ingress Resource is a collection of rules for the inbound traffic to reach Services. These are Layer 7 (L7) rules that allow hostnames (and optionally paths) to be directed to specific Services in Kubernetes.
- Ingress Controller acts upon the rules set by the Ingress Resource, typically via an HTTP or L7 load balancer. It is vital that both pieces are properly configured so that traffic can be routed from an outside client to a Kubernetes Service.
NGINX—a high performance web server—is a popular choice for an Ingress Controller because of its robustness and the many features it boasts. For example, it supports:
- Websockets, which allows you to load balance Websocket applications.
- SSL Services, which allows you to load balance HTTPS applications.
- Rewrites, which allows you to rewrite the URI of a request before sending it to the application.
- Session Persistence (NGINX Plus only), which guarantees that all the requests from the same client are always passed to the same backend container.
- JWTs (NGINX Plus only), which allows NGINX Plus to authenticate requests by validating JSON Web Tokens (JWTs).
The following diagram illustrates the basic flow of an Ingress Controller in GCP and gives you a rough idea of what you'll be building:
加入 Qwiklabs 即可阅读本实验的剩余内容…以及更多精彩内容！
- 获取对“Google Cloud Console”的临时访问权限。
- 200 多项实验，从入门级实验到高级实验，应有尽有。
Create a Kubernetes cluster
Create a tiller Service Account
Deploy an application in Kubernetes Engine
Expose the created deployment as a service
Deploy the NGINX Ingress Controller via Helm