What is Kubernetes Ingress?

Kubernetes Ingress is a resource that manages external access to services in a Kubernetes cluster, typically HTTP.

Why is Ingress needed?

Ingress provides advanced load balancing features and reduces costs by allowing multiple services to share a single IP address.

What problems does Ingress solve?

Ingress addresses the limitations of Kubernetes services in load balancing capabilities and the high costs associated with using multiple load balancer services.

What is an Ingress controller?

An Ingress controller is a load balancer that implements the Ingress resource, managing traffic routing based on defined rules.

How do I install an Ingress controller?

You can install an Ingress controller like NGINX using commands specific to your Kubernetes setup, such as 'minikube addons enable ingress'.

Can I use Ingress for TLS-based routing?

Yes, Ingress can be configured for TLS-based routing to secure traffic.

What is the difference between a LoadBalancer service and Ingress?

A LoadBalancer service creates a separate IP for each service, while Ingress allows multiple services to share a single IP, reducing costs.

What is path-based routing in Ingress?

Path-based routing allows you to direct traffic to different services based on the request path.

How do I create an Ingress resource?

You create an Ingress resource by defining it in a YAML file and applying it using 'kubectl apply -f <filename>'.

What should I do if my Ingress resource is not working?

Ensure that the Ingress controller is installed and running, and check the logs for any errors.

DAY-38 | KUBERNETES INGRESS | WATCH DEMO USING LINK IN DESCRIPTION | #kubernetes #devops #freecourse

00:39:17

https://www.youtube.com/watch?v=47ck6bh6dfI

Résumé

TLDRIn this video, Abhishek discusses Kubernetes Ingress, a crucial component for managing external access to services in a Kubernetes cluster. He explains the common challenges users face, such as understanding the need for Ingress and the practical implementation issues. The video highlights the limitations of Kubernetes services, particularly in load balancing and cost implications when using multiple load balancer services. Ingress is introduced as a solution that provides advanced load balancing features and allows multiple services to share a single IP address, thus reducing costs. The video covers both theoretical concepts and practical steps for setting up Ingress, including the installation of an Ingress controller and creating Ingress resources for routing traffic to services. Abhishek emphasizes the importance of understanding these concepts for effective Kubernetes management and preparation for interviews.

A retenir

🔍 Understanding the necessity of Ingress in Kubernetes.
💡 Ingress solves load balancing limitations of Kubernetes services.
💰 Ingress reduces costs by sharing a single IP address for multiple services.
🛠️ Installation of Ingress controllers is essential for functionality.
📜 Ingress resources can be created for advanced traffic routing.
🔒 TLS-based routing can be configured using Ingress.
📈 Path-based routing allows directing traffic to specific services.
📊 Ingress provides enterprise-level load balancing capabilities.
📝 Practical implementation is crucial for mastering Ingress.
💬 Review and follow additional resources for deeper understanding.

Chronologie

00:00:00 - 00:05:00
Abhishek introduces the topic of Kubernetes Ingress, explaining its importance and the common difficulties people face with it, particularly in understanding its necessity and practical implementation. He mentions that he will cover both theory and practical aspects in the video.
00:05:00 - 00:10:00
He discusses the limitations of Kubernetes services, particularly in load balancing capabilities compared to traditional enterprise load balancers. He highlights the features that Kubernetes services lack, which are essential for users migrating from legacy systems.
00:10:00 - 00:15:00
Abhishek outlines two main problems that Kubernetes users face: the lack of enterprise-level load balancing features in Kubernetes services and the high costs associated with creating multiple load balancer services for numerous applications.
00:15:00 - 00:20:00
He explains that Ingress was introduced to address these issues by allowing users to create a single resource that can manage traffic routing for multiple services, thus reducing costs and providing advanced load balancing features.
00:20:00 - 00:25:00
The video details how Ingress works, including the role of Ingress controllers, which are necessary for implementing the Ingress resource. He emphasizes that users must choose and deploy an Ingress controller to utilize Ingress effectively.
00:25:00 - 00:30:00
Abhishek demonstrates how to install an Ingress controller, specifically the NGINX Ingress controller, on a Minikube cluster. He explains the steps involved and the importance of having the Ingress controller running to make use of the Ingress resource.
00:30:00 - 00:39:17
Finally, he shows how to create an Ingress resource for host-based routing and discusses the need to update the /etc/hosts file for local testing. He encourages viewers to explore further documentation and practical examples to deepen their understanding of Kubernetes Ingress.

Afficher plus

Carte mentale

Vidéo Q&R

What is Kubernetes Ingress?
Kubernetes Ingress is a resource that manages external access to services in a Kubernetes cluster, typically HTTP.
Why is Ingress needed?
Ingress provides advanced load balancing features and reduces costs by allowing multiple services to share a single IP address.
What problems does Ingress solve?
Ingress addresses the limitations of Kubernetes services in load balancing capabilities and the high costs associated with using multiple load balancer services.
What is an Ingress controller?
An Ingress controller is a load balancer that implements the Ingress resource, managing traffic routing based on defined rules.
How do I install an Ingress controller?
You can install an Ingress controller like NGINX using commands specific to your Kubernetes setup, such as 'minikube addons enable ingress'.
Can I use Ingress for TLS-based routing?
Yes, Ingress can be configured for TLS-based routing to secure traffic.
What is the difference between a LoadBalancer service and Ingress?
A LoadBalancer service creates a separate IP for each service, while Ingress allows multiple services to share a single IP, reducing costs.
What is path-based routing in Ingress?
Path-based routing allows you to direct traffic to different services based on the request path.
How do I create an Ingress resource?
You create an Ingress resource by defining it in a YAML file and applying it using 'kubectl apply -f <filename>'.
What should I do if my Ingress resource is not working?
Ensure that the Ingress controller is installed and running, and check the logs for any errors.

Voir plus de résumés vidéo

Accédez instantanément à des résumés vidéo gratuits sur YouTube grâce à l'IA !

Sous-titres

Défilement automatique:

00:00:02
hello everyone my name is Abhishek and
00:00:04
welcome back to my channel so today we
00:00:06
are at day 38 of our complete devops
00:00:09
course and in this class we will be
00:00:11
learning about kubernetes Ingress so
00:00:14
people find this concept slightly tricky
00:00:17
or people find it slightly difficult
00:00:19
because of two reasons one is they don't
00:00:21
understand why Ingress is required right
00:00:24
if you don't understand why Ingress is
00:00:25
required then definitely you will find
00:00:27
the topic complicated and the second
00:00:29
thing is practical implementation so
00:00:32
people try it on their mini Cube
00:00:34
clusters or on their local kubernetes
00:00:35
clusters and they will not succeed with
00:00:38
the setup so that's one of the other
00:00:39
reasons why people find it difficult
00:00:41
I've also seen few videos and we also
00:00:44
have created a end-to-end video on
00:00:46
Ingress on our particular channel so
00:00:49
I'll also share the link in the
00:00:50
description so that you can follow the
00:00:52
link where we have done end to end
00:00:54
complete practical on how to set up
00:00:56
Ingress and all of the things don't
00:00:57
worry even in today's class I'm going to
00:00:59
explain you both the theory
00:01:02
and the Practical okay so even if you
00:01:05
watch this video till the end you will
00:01:07
get a very detailed understanding on why
00:01:09
Ingress is required and how to
00:01:11
practically install Ingress and try out
00:01:13
the things so you know if you have
00:01:15
followed our previous class on service
00:01:17
Deep dive you know you'll be easily able
00:01:19
to understand today's topic so if you
00:01:21
haven't watched the video 37 that is on
00:01:24
Deep dive of kubernetes services I'll
00:01:26
highly recommend you to go and watch
00:01:28
video number 37 on the complete devops
00:01:30
course and only then come back so that
00:01:32
you understand the concept of Ingress
00:01:33
very well okay now without wasting any
00:01:36
time because we have to cover a lot of
00:01:37
things in this specific video let me
00:01:39
jump onto the video okay so firstly what
00:01:42
is ingress
00:01:46
so you must be asking me that Abhishek
00:01:48
in the last class we used kubernetes
00:01:50
services
00:01:51
and service was offering me a lot of
00:01:54
good things right so I explained to that
00:01:56
service was offering you service
00:01:58
Discovery mechanism on kubernetes so it
00:02:00
is solving this problem it was also
00:02:02
doing a load balancing for you right
00:02:05
services for doing the load balancing we
00:02:07
have seen using the cube shark utility
00:02:08
as well in the last video and it was
00:02:11
also exposing the applications to
00:02:12
external world then why you need a tool
00:02:16
like Ingress or why you need a concept
00:02:17
like Ingress and what problem is it
00:02:19
solving so before 2015 uh December I
00:02:23
guess or November so that was before
00:02:26
kubernetes version release 1.1
00:02:29
Ingress was not even there okay so
00:02:33
people were using kubernetes without
00:02:35
Ingress that was that means people were
00:02:38
using kubernetes with just service
00:02:39
concept okay and Ingress without Ingress
00:02:43
so what they used to do was similarly uh
00:02:45
like we were doing till the last class
00:02:47
so people used to create a deployment
00:02:50
which would create a pod right and
00:02:52
additionally because you are creating a
00:02:54
deployment you you will get Auto healing
00:02:57
and auto scaling right these features
00:02:59
and then you will create a service on
00:03:01
top of it so that you can expose your
00:03:04
application within your kubernetes
00:03:05
cluster or outside the kubernetes
00:03:07
cluster using the load balancer
00:03:10
that is using the load balancer mode of
00:03:12
your service but there are some
00:03:15
practical problems which people realized
00:03:17
after using kubernetes okay so once
00:03:19
people started using kubernetes so
00:03:21
obviously these users who migrated to
00:03:23
kubernetes were migrating from the
00:03:25
Legacy systems like like people used to
00:03:28
have virtual machines or physical
00:03:30
servers on top of that they used to
00:03:32
install their applications okay and what
00:03:34
people used to do was they used to use a
00:03:37
load balancer
00:03:39
so these load balancers were something
00:03:42
like you know people used to use uh
00:03:45
engine X
00:03:46
engine X or you know people used to use
00:03:48
fi load balancer or any other load
00:03:51
balancers that they want to use on their
00:03:53
virtual machines or physical servers
00:03:55
okay and these are some Enterprise load
00:03:58
balancers
00:03:59
okay so what is enterprise load
00:04:01
balancing so they offer very good load
00:04:04
balance and capability load balancing
00:04:06
capabilities like for example you can do
00:04:08
ratio based load balancing that is you
00:04:11
can say uh send three requests to pod
00:04:13
number one seven request to pod number
00:04:15
two you don't have pods in the virtual
00:04:17
machines but just for your understanding
00:04:18
I'm explaining you okay you can do ratio
00:04:20
based you can do sticky sessions that
00:04:23
means if one request is going to pod one
00:04:26
then all the requests of that specific
00:04:28
user have to go to pod one only okay so
00:04:31
this is called sticky sessions they can
00:04:32
use path based load balancing they can
00:04:35
use domain or host based load balancing
00:04:38
okay they support uh you know
00:04:40
whitelisting that means only allow
00:04:43
specific customers to access the
00:04:45
application they can do blacklisting
00:04:48
that means to say okay so these
00:04:50
customers are like hackers do not allow
00:04:51
any users coming from Pakistan for
00:04:53
example or do not allow any users coming
00:04:56
from USA do not allow any users coming
00:04:58
from Russia so you can Define your
00:05:00
traffic and you can say that okay so
00:05:03
this is the concept or these are the
00:05:05
capabilities that Enterprise load
00:05:07
balancers support
00:05:09
now the problem was when these people
00:05:12
who were doing this virtual machines and
00:05:14
applications when they migrated from
00:05:16
this to kubernetes okay so initially
00:05:19
they were very happy that kubernetes was
00:05:22
offering you Auto healing Auto scaling
00:05:24
automatic service Discovery uh exposing
00:05:27
the applications to external world so
00:05:28
you know people used to create the same
00:05:30
things that we we did like you know they
00:05:32
used to create a deployment after the
00:05:34
deployment they used to create a service
00:05:36
right and using the services they used
00:05:40
to get all the features that are
00:05:41
available and using the deployment they
00:05:43
used to get the healing and scaling
00:05:45
capabilities but off late they realized
00:05:47
that okay service was providing load
00:05:49
balancing mechanism but the load
00:05:51
balancing mechanism the service was
00:05:53
providing is a simple
00:05:55
round
00:05:57
Robin load balancing what is round robin
00:06:00
if you are doing 10 requests what this
00:06:02
specific uh service using Q proxy right
00:06:05
Cube proxy is updating your IP table
00:06:07
rules what it does is it will send file
00:06:09
requests to pod number one and it will
00:06:10
send five requests to pod number two
00:06:12
let's assume there are two pods but this
00:06:15
is a very simple load balancing because
00:06:17
people were coming from uh virtual
00:06:19
machines and they used to get all of
00:06:21
these features against what they are
00:06:23
getting in kubernetes is a very simple
00:06:24
round robin they are not getting all of
00:06:26
these features and these are only list
00:06:28
of features I gave you the commercial or
00:06:30
the Enterprise load balancers they can
00:06:33
offer hundreds of features okay so you
00:06:35
can simply read and you will see that
00:06:37
you can do a web application firewall
00:06:39
you can do uh you know a lot of
00:06:42
configurations like TLS you can add more
00:06:45
security using TLS so these load
00:06:47
balancers offers all of these features
00:06:49
okay so I within uh during this video
00:06:52
itself I have listed 10 close to 10
00:06:54
features which kubernetes was not
00:06:56
supporting so these people were unhappy
00:06:59
with kubernetes okay so they said that
00:07:01
okay a service was doing few things but
00:07:03
still we are not happy and the other
00:07:05
thing that they have noticed this is
00:07:07
problem number one and the problem
00:07:08
number two is uh you can expose your
00:07:11
applications to external World using
00:07:13
load balancer mode service right you can
00:07:16
create your service as load balancer
00:07:18
mode
00:07:19
but what is the problem is every time
00:07:22
like let's say you have 100 Services if
00:07:25
you take companies like Amazon they have
00:07:27
some thousands of services okay so for
00:07:30
each of the service when they create the
00:07:32
service as type load balancer mode
00:07:35
you know the cloud provider was charging
00:07:37
them for each and every IP address
00:07:40
because these are Dynamic and public IP
00:07:43
address sorry sorry these are static
00:07:47
public IP address so they don't charge
00:07:49
for the dynamic IP address but whenever
00:07:50
the IP address becomes static so for
00:07:53
static load balancing IP addresses and
00:07:55
static public load balancing IP address
00:07:57
so if there are thousands of micro
00:07:59
services or if there are thousands of
00:08:01
services that you require for your
00:08:03
applications on kubernetes so cloud
00:08:05
provider was charging very heavy
00:08:09
and Cloud providers are right in their
00:08:11
terms because you are asking them for a
00:08:14
static load balancing IP address and
00:08:15
they are charging you for money okay so
00:08:18
this is another problem that these these
00:08:20
people were facing in the previous
00:08:22
example okay what they used to do is
00:08:24
because there was only one load balancer
00:08:27
okay in the contrary you have for each
00:08:29
application you have one service right
00:08:31
but on the physical or virtual virtual
00:08:33
servers people used to create one load
00:08:35
balancer whether you have one
00:08:37
application two application three
00:08:38
applications so they used to configure
00:08:40
in their load balancer like okay if the
00:08:42
request is coming to amazon.com
00:08:46
slash
00:08:47
ABC send request to app one if it is
00:08:51
coming to slash XYZ go to app2 and they
00:08:54
used to only expose this application uh
00:08:56
sorry they only used to expose these
00:08:58
load balancer with static public IP
00:09:00
address
00:09:03
so what is happening is here they just
00:09:05
have one IP address which they are
00:09:07
getting from the cloud provider or even
00:09:09
within their organization they are only
00:09:11
exposing one specific IP address whereas
00:09:14
here what is happening is you are
00:09:16
exposing thousands of IP address and you
00:09:18
are getting charged so this is problem
00:09:20
number two so let us write the two
00:09:22
problems so that it is very clear to you
00:09:24
before I jump on to Ingress and how
00:09:25
Ingress is solving this problem what is
00:09:28
the problem number one
00:09:29
okay so the problem number one that we
00:09:33
discussed is
00:09:35
Enterprise
00:09:39
and
00:09:41
TLS that is secure load balancing
00:09:44
capabilities
00:09:45
so if you are using a service this thing
00:09:48
is missing people who are coming from
00:09:50
the virtual machines they had very good
00:09:53
load balancing capabilities like one two
00:09:55
three four five that I discussed in the
00:09:57
previous slide like for example I can
00:09:59
give you a basic example like it is
00:10:01
missing sticky sessions then it is
00:10:03
missing uh TLS based load balancing that
00:10:05
is secure load balancing https based
00:10:07
load balancing then the other thing it
00:10:09
is missing was uh some uh a path based
00:10:13
load balancing like I just told you host
00:10:15
based load balancing or domain-based
00:10:17
load balancing so if request is going to
00:10:19
amazon.com go to this specific
00:10:20
application if the request is going to
00:10:22
amazon.in go to other applications so
00:10:24
that is host based load balancing and
00:10:26
then there are many other things like uh
00:10:28
like I told you ratio based load
00:10:30
balancing
00:10:31
so I can write this list to 15 to 20
00:10:34
different things on top of my head but
00:10:37
you know it will only waste our time so
00:10:39
what what is the thing is the services
00:10:42
in kubernetes was not offering all of
00:10:44
this Enterprise level capabilities and
00:10:46
the second point is
00:10:49
I just told you that if you are creating
00:10:51
a service of type load balancer
00:10:55
then for each service kubernetes will
00:10:58
charge you kubernetes will not charge
00:11:00
you the cloud provider will actually
00:11:01
charge you right so the cloud provider
00:11:03
will charge you this is a very important
00:11:05
interview question as well people will
00:11:07
ask you what is the difference between
00:11:08
load balancer type service and the uh
00:11:12
traditional
00:11:13
kubernetes Ingress okay so what you will
00:11:16
answer is the load balancing type
00:11:18
service was good but it was missing all
00:11:20
of these capabilities and also you will
00:11:22
say that the cloud provider will charge
00:11:24
you for each and every load balancer
00:11:27
service type like if there are thousands
00:11:29
of services you will be getting charged
00:11:31
for thousands of load balancer static
00:11:33
public IP addresses okay so these are
00:11:35
the two problems and these two problems
00:11:37
you have to remember and it they have to
00:11:39
be on top of your head because this is
00:11:41
very important interview Point okay so
00:11:44
people will definitely ask you in your
00:11:46
uh interviews that what is ingress or
00:11:48
why Ingress has to be created what is
00:11:50
difference between load balancer service
00:11:52
type and Ingress so these questions will
00:11:54
keep coming so definitely you have to
00:11:56
remember those two points and now how
00:11:59
Ingress is solving those problem okay so
00:12:01
what now kubernetes said is
00:12:03
so kubernetes also admitted the problem
00:12:05
so kubernetes said that yeah we
00:12:07
understand and till that point what
00:12:09
happened was open shift open shift which
00:12:12
is red hat openshift which is again a
00:12:14
kubernetes distribution they have
00:12:16
implemented something called as
00:12:17
openshift routes which is very similar
00:12:19
to kubernetes Ingress so kubernetes has
00:12:22
understood that okay openshift has also
00:12:23
implemented something to solve the
00:12:25
problem and even many users are
00:12:27
requesting us saying that okay so this
00:12:29
is a very valid problem when we were on
00:12:31
Virtual machines this is VM and this is
00:12:33
kubernetes
00:12:34
okay so these customers kept on
00:12:37
complaining on kubernetes GitHub page
00:12:39
that when we were on Virtual machines we
00:12:41
were enjoying all the good capabilities
00:12:43
of load balancers
00:12:45
okay and because of which our
00:12:48
applications were very secure because of
00:12:50
which you know we had reduced cost but
00:12:53
once we moved to kubernetes we realized
00:12:55
that this is a very big problem
00:12:58
so kubernetes people have also agreed to
00:13:00
it and what people at kubernetes said is
00:13:03
okay we will Implement something called
00:13:05
Ingress
00:13:07
okay so we will allow the users of
00:13:11
kubernetes to create a resource called
00:13:14
Ingress and what you people have to do
00:13:16
who are these people like nginx
00:13:20
F5
00:13:22
ambassador okay traffic
00:13:28
uh what are the other things like okay
00:13:31
there are bunch of h a proxy so
00:13:34
these were the top load balancers that
00:13:37
people were using uh here on the virtual
00:13:39
machines I don't think Ambassador was
00:13:41
there till now but okay that doesn't
00:13:42
matter so people were using these uh top
00:13:45
load balancers and what kubernetes said
00:13:47
is okay I cannot Implement for each and
00:13:49
every load balancer so what I'll do is I
00:13:52
will tell my users to create something
00:13:54
called as a Ingress resource okay so as
00:13:56
a kubernetes user you will create a user
00:13:59
sorry you will create a resource called
00:14:01
Ingress resource and now all of these
00:14:06
load balancers okay so all of these
00:14:08
companies what they will do is
00:14:10
kubernetes set them that you create
00:14:12
something called as Ingress controller
00:14:15
now what is this Ingress controller okay
00:14:18
so on a high level if you are creating
00:14:20
Ingress resource on your kubernetes
00:14:22
cluster and if you are saying that I
00:14:24
need a path based routing for example
00:14:26
okay so you realize that you are missing
00:14:29
the path based routing on kubernetes
00:14:31
which you are very heavily using on your
00:14:32
virtual machines so you can come to your
00:14:34
kubernetes cluster create a Ingress
00:14:36
resource I'll show you the example don't
00:14:38
worry and you can say that okay I want
00:14:40
to create path based routing so you can
00:14:42
kubernetes at that okay create one yaml
00:14:44
file and inside the DML file say that
00:14:47
you know I want Pathways routing so you
00:14:49
said the same thing but who will
00:14:51
implement this okay so who will decide
00:14:54
that which load balancer you want to use
00:14:57
so there are hundreds of load balancers
00:14:59
in the market so what kubernetes said is
00:15:01
okay we cannot support all of you uh you
00:15:03
know we cannot create the logic for all
00:15:05
of you in the kubernetes master or the
00:15:07
API server instead you people create
00:15:09
something called as Ingress controller
00:15:10
okay what does English controller mean
00:15:13
so let's say that you want to create uh
00:15:16
this specific capability using nginx
00:15:18
load balancer so the nginx company will
00:15:21
write a nginx Ingress controller and as
00:15:23
kubernetes users on this kubernetes
00:15:26
cluster you will deploy the Ingress
00:15:28
controller okay you can deploy that
00:15:30
using Helm charts you can deploy that
00:15:32
using yaml manifest okay and once you
00:15:35
deploy the developer or again the devops
00:15:38
engineers they will create the Ingress
00:15:40
ml service yaml resource for their
00:15:42
kubernetes services okay so this Ingress
00:15:46
controller will watch for the Ingress
00:15:47
resource and it will provide you the
00:15:49
path based routing okay so if it is
00:15:52
complicated don't worry I'm explaining
00:15:54
again okay so for example let's say this
00:15:57
is your kubernetes cluster
00:16:00
what you are doing is you are creating a
00:16:01
pod for example okay so you are writing
00:16:04
a yaml manifest for this and you have
00:16:06
created a part now what will happen like
00:16:09
I told you there is a component called
00:16:10
cubelet
00:16:12
this cubelet will deploy your pod onto
00:16:15
one of the worker nodes so cubelet will
00:16:17
also sit on the worker node and API
00:16:19
server will notify cubelet using
00:16:21
scheduler that okay a pod is created and
00:16:23
cubelet will deploy the pod
00:16:26
right and similarly let's say you are
00:16:29
creating
00:16:31
a service yaml manifest okay so there is
00:16:34
Q proxy
00:16:36
and this Q proxy will what it will do
00:16:39
this Q proxy will update the IP table
00:16:41
rules so for every resource that you are
00:16:44
creating in kubernetes there is a
00:16:46
component which is watching for that
00:16:48
resource and it is performing the
00:16:49
required action okay so similarly even
00:16:53
if you are creating Ingress in
00:16:54
kubernetes let's say you are creating
00:16:56
Ingress
00:16:58
so there has to be a resource
00:17:02
or component or a controller
00:17:05
which has to watch for this Ingress
00:17:07
right so this was the problem so
00:17:09
kubernetes said that okay I can create
00:17:12
Ingress resource but if I have to
00:17:14
implement Logic for all the load
00:17:16
balancers that are available in the
00:17:17
market that is nginx F5 traffic
00:17:20
Ambassador HF proxy so kubernetes said
00:17:24
that okay it is technically impossible I
00:17:26
cannot do it so what I'll do is I'll
00:17:28
come up with the architecture and the
00:17:30
architecture is user
00:17:33
will create Ingress resource
00:17:37
okay
00:17:39
load balancing companies
00:17:43
like nginx
00:17:46
F5 or any other load balancing companies
00:17:48
they will write their own Ingress
00:17:51
controllers
00:17:54
and they will place these Ingress
00:17:55
controllers on GitHub and they will
00:17:58
provide the steps on how to install this
00:18:00
Ingress controllers using Helm charts or
00:18:02
any other ways and as a user instead of
00:18:06
just creating Ingress resource you also
00:18:09
have to deploy Ingress controller okay
00:18:12
so it is up to the organization to
00:18:16
choose which Ingress controller they
00:18:18
want to use what is ingress control at
00:18:20
the end of the day it is just a load
00:18:21
balancer
00:18:23
right sometimes it can be a load
00:18:26
balancer plus API Gateway as well API
00:18:28
Gateway offers you some additional
00:18:29
capabilities okay
00:18:31
so end of the day what you need to do as
00:18:35
a user is on your kubernetes cluster the
00:18:38
prerequisite is deploy a Ingress
00:18:40
controller which Ingress controller you
00:18:42
will deploy let's say in your virtual
00:18:44
machines world before you move to
00:18:46
kubernetes if you are using nginx
00:18:49
so you will go to nginx GitHub page and
00:18:52
you will deploy the nginx Ingress
00:18:54
controller onto the kubernetes cluster
00:18:56
after that you will create Ingress
00:18:58
resource depending upon the capabilities
00:19:00
that you need okay if you need path
00:19:02
based routing you will create one type
00:19:05
of Ingress if you need TLS based Ingress
00:19:07
you will create one type of Ingress if
00:19:10
you need host base you will create one
00:19:11
type of Ingress so this is one time
00:19:13
activity the one time activity for the
00:19:15
devops engineers is to decide which
00:19:17
Ingress controller they want what what
00:19:19
is ingress controller to decide which
00:19:21
load balancer they want okay it can be
00:19:23
nginx it can be a file and they will go
00:19:26
to their organizational GitHub page they
00:19:28
will find the steps on how to deploy
00:19:30
this and once they realize how to deploy
00:19:32
they will after that it can be one
00:19:35
service two service 100 Services they
00:19:37
will only write the Ingress resource
00:19:39
once they write the Ingress resource
00:19:41
like you know Ingress does not have to
00:19:43
be one-to-one mapping okay you can
00:19:45
create one Ingress and you know you can
00:19:48
handle 100 of services as well using
00:19:50
paths you can say if path is a go to
00:19:53
service one if path is B go to service
00:19:54
two I'll show you that don't worry about
00:19:56
it but you understood the topic here
00:19:59
right what was the problem why Ingress
00:20:01
was introduced what is ingress
00:20:03
controller you understood all of these
00:20:04
things so once you understand this
00:20:06
concept it is very easy for you okay so
00:20:09
the major thing that you have to
00:20:10
understand is the problem number one
00:20:12
that Ingress is solving that is the
00:20:15
kubernetes services did not have
00:20:17
Enterprise level load balancing
00:20:20
capabilities and which is very very
00:20:21
important you will say that move to
00:20:23
kubernetes because containers are very
00:20:25
lightweight because all of blah blah
00:20:27
blah blah blah but without security
00:20:32
without good load balancing capabilities
00:20:35
nobody will move to kubernetes and
00:20:37
kubernetes has realized that so that's
00:20:39
why they have introduced Ingress and the
00:20:41
problem number two was if you are
00:20:43
creating a service of type load balancer
00:20:46
mode
00:20:47
Cloud providers were charging you for
00:20:49
each and every IP address okay so these
00:20:51
were the two problems that Ingress was
00:20:52
solved you understood this thing and the
00:20:54
next thing that you need to understand
00:20:55
after this is okay how to install
00:20:58
Ingress like if you just followed the uh
00:21:03
document till here or the presentation
00:21:04
tool here and to you will go to your
00:21:06
kubernetes cluster you will find one
00:21:08
Ingress example for the yaml file and
00:21:11
you will just create a Ingress resource
00:21:13
what will happen nothing will happen
00:21:15
because you don't have Ingress
00:21:16
controller on your cluster okay so if
00:21:19
the Ingress controller is missing
00:21:22
then you might create one Ingress two
00:21:25
Ingress hundred Ingress nothing will
00:21:27
happen because the Ingress is of no use
00:21:29
without Ingress controller and what is
00:21:31
ingress controller Ingress controller is
00:21:33
a load balancer that you can choose from
00:21:35
the requirement okay if you want engine
00:21:38
mixing nginx load balancer you can
00:21:39
create nginx Ingress controller if you
00:21:41
want fi uh or big-ip load balancer you
00:21:45
can choose fi Ingress controller if you
00:21:47
want uh HF proxy then you can create h a
00:21:50
proxy Ingress controller okay once you
00:21:52
create this Ingress controllers once the
00:21:54
Ingress resource is created on the
00:21:56
cluster they will watch for the Ingress
00:21:57
resource and they will what they will do
00:22:00
is basically they will provide you the
00:22:02
required capability if you require path
00:22:04
based load balancing they will help you
00:22:05
with path based load balancing if you
00:22:07
require host base it will help you with
00:22:09
host place so this is the theory part I
00:22:11
hope the thing is clear till here if it
00:22:13
is not clear you have to watch the video
00:22:15
one more time before we jump onto the
00:22:16
Practical because theory is very very
00:22:18
important and your interview questions
00:22:20
will be on Theory
00:22:21
perfect so now let me stop sharing here
00:22:24
and let me jump on to my other screen
00:22:27
and show you how to install and how to
00:22:29
configure
00:22:31
okay so let me get my terminal
00:22:35
let me start sharing the screen
00:22:40
perfect so this is my screen and in the
00:22:42
last class we learned to tell Services
00:22:44
okay so what I'll do is let me check if
00:22:47
I have the same state if I do Cube CTL
00:22:50
get pods uh yeah I have this deployments
00:22:53
that we create these pods that we
00:22:54
created in the last class and if I do
00:22:56
Cube CTL get service as well perfect the
00:22:59
service is also available so this is the
00:23:00
service and if you have followed my last
00:23:03
class I showed you how to create
00:23:05
deployment.yaml and how to create
00:23:06
service.aml as well and many people have
00:23:08
tried it I watched in the comment
00:23:10
section so really appreciate you people
00:23:11
for doing it perfect so now let us see
00:23:15
if I can access the service on the first
00:23:17
fall okay so I created this service as
00:23:19
node Port service and this is the port
00:23:21
so what I'll do is firstly I'll get the
00:23:24
mini Cube IP address so this is the mini
00:23:26
Cube IP address so I can just use the
00:23:28
curl command
00:23:30
perfect so I am getting the output learn
00:23:32
devops with some strong foundational
00:23:34
knowledge
00:23:36
great so we are able to verify that our
00:23:40
service is running our service is
00:23:43
watching the pods and the application is
00:23:45
running now let me create a Ingress
00:23:48
resource for this and what we will do
00:23:50
with Ingress is we will set up a host
00:23:53
based load balancing okay so what is
00:23:55
host based load balancing
00:23:57
like I told you uh host based load
00:24:01
balancing is nothing but we can say that
00:24:03
okay in the previous example we try to
00:24:06
access using a curl Command right so
00:24:08
instead of this curl command I can say
00:24:10
that allow users when they try to reach
00:24:13
my uh specific service on example.com
00:24:16
okay or you can say hello if they try to
00:24:18
reach on example.com ABC okay so let us
00:24:23
try to see how to create this so again
00:24:25
there is no rocket science what I'll do
00:24:27
is I'll simply go to the kubernetes
00:24:28
official documentation so uh I'll just
00:24:31
say kubernetes Ingress
00:24:36
perfect so this is the official page for
00:24:38
kubernetes Ingress and what I'll do is
00:24:40
I'll just go here okay see the example
00:24:43
also here what these people are saying
00:24:45
is there is ingress managed load
00:24:47
balancer that is ingress controller okay
00:24:49
so you create an Ingress resource and
00:24:52
using this Ingress controller you know
00:24:54
you can Define how to route the traffic
00:24:56
for your applications or how to route
00:24:59
the traffic for your pods I'll also
00:25:01
paste the link in the description of the
00:25:03
previous video I I think I did the two
00:25:05
to three months back that is a very very
00:25:07
informative video because we spent
00:25:09
almost more than one hour explaining you
00:25:11
different types of Ingress resources how
00:25:14
to create them how to create a path
00:25:16
based load balancing how to do uh you
00:25:19
know SSL offloading how to do pass
00:25:21
through so lot of things in very detail
00:25:23
after watching this video if you have
00:25:24
time definitely watch that video as well
00:25:26
okay
00:25:28
perfect so here I'll just copy this
00:25:31
example instead of this let me go for
00:25:33
host okay so this is an example which
00:25:35
has host go through all the examples uh
00:25:38
you can just follow the documentation
00:25:40
and you can go through all the examples
00:25:42
as well so I will do Ingress Dot yaml
00:25:46
okay and what I will do is I'll just
00:25:49
modify these fields so instead of
00:25:51
Ingress wildcard host I'll just say
00:25:54
Ingress example
00:25:58
so let let us keep the same food.bar.com
00:26:01
no problem with it right instead of
00:26:03
example.com let us just keep it as
00:26:05
food.bar.com and now I'll say if anybody
00:26:08
wants to reach my application my service
00:26:10
okay so if they hit on food.word.com
00:26:14
slash bar okay so they should reach the
00:26:17
service one and they should you know
00:26:20
typically you have to provide what is
00:26:22
your service name and what is your
00:26:23
service port so let us see what is my
00:26:26
service name Cube CTL
00:26:28
get SVC so this is my service name right
00:26:32
so let me go to my Ingress yaml and let
00:26:36
me just replace the service name my port
00:26:38
number is 18 so I don't have any problem
00:26:40
there
00:26:41
perfect so now let us deploy this file
00:26:45
Cube CDL apply minus F Ingress dot ml
00:26:49
and let me see if something is happening
00:26:51
okay so the Ingress is created if I do
00:26:54
Cube CTL get Ingress you will notice
00:26:56
that the Ingress is created but the
00:26:59
address field is empty and you will see
00:27:01
that nothing will happen like even if I
00:27:03
try to replace this curl command and
00:27:05
instead of this what I'll do is I'll
00:27:07
just say
00:27:09
food.bar.com
00:27:12
so this is domain based routing okay so
00:27:15
what we are achieving here is domain
00:27:16
based routing and I will say
00:27:18
food.bar.com
00:27:20
for example what was the path that we
00:27:23
have provided slash bar okay and if I
00:27:26
try to hit nothing will happen here okay
00:27:28
so the reason here nothing is happening
00:27:30
is because you haven't created Ingress
00:27:33
controller right so only if you create
00:27:36
the Ingress controller then your uh this
00:27:40
thing will start working right the
00:27:42
Ingress should be read by Ingress
00:27:43
controller so what we need to do is
00:27:45
firstly install the Ingress controller
00:27:47
so let me install nginx Ingress
00:27:50
controller because nginx is a quite
00:27:52
popular one so again I'll just follow
00:27:54
the kubernetes documentation and say
00:27:55
kubernetes Ingress install and this is
00:27:59
the example documentation where I can
00:28:02
search for Ingress controller here there
00:28:04
are bunch of Ingress controllers that
00:28:06
kubernetes supports like I explained you
00:28:08
uh there is nothing like kubernetes
00:28:10
supports actually as load balancing
00:28:12
company is they can create the Ingress
00:28:14
controllers okay so all of these
00:28:16
companies have implemented their Ingress
00:28:17
controllers like nginx has their own you
00:28:20
know Ingress controller ha proxy as
00:28:21
their own fi has their own okay so
00:28:24
Apache has their own Ingress controller
00:28:25
like you can also create your own
00:28:27
Ingress controller if you have a load
00:28:28
balancer
00:28:29
perfect so let us see nginx Ingress
00:28:32
controller because it's a very
00:28:33
lightweight and simple Ingress
00:28:35
controller let us see how to install
00:28:37
so if you are trying to install on
00:28:40
minicube like they provide you some very
00:28:42
easy steps uh where is this
00:28:51
nginx Ingress controller works with
00:28:53
kubernetes perfect
00:28:55
so you can just say try nginx Ingress
00:28:57
controller okay here the steps are not
00:28:59
good I can just say kubernetes
00:29:04
nginx
00:29:06
Ingress controller
00:29:08
mini Cube because I am installing on
00:29:11
minicube so you know there is a very
00:29:13
good documentation straight forward like
00:29:15
you can use this same example that I'm
00:29:17
showing you just search for kubernetes
00:29:19
engine X Ingress controller mini Cube
00:29:21
and this is one simple command that will
00:29:23
install nginx Ingress controller on your
00:29:26
minicube cluster so all that you need to
00:29:28
do is mini Cube enable add-ons sorry
00:29:32
add-ons enable Ingress and that will
00:29:34
create a Ingress controller for you
00:29:36
right so it's a very simple step that
00:29:39
you have to do uh additionally like if
00:29:41
you want to know how to deploy Ingress
00:29:43
controller for your production like you
00:29:46
know in production you will not use mini
00:29:47
Cube probably you are using uh eks
00:29:50
clusters or openshift or some some
00:29:52
things right so in such gate go back to
00:29:54
the documentation that I showed you just
00:29:56
search for kubernetes Ingress okay go
00:29:59
back here and choose which Ingress
00:30:01
controller you want let us say that you
00:30:03
are doing this in your organization so
00:30:05
the steps you will follow is go to this
00:30:07
Ingress controller and let's say you are
00:30:08
using same engine Ingress controller
00:30:10
okay instead of choosing the page this
00:30:13
page where you will only be able to
00:30:15
install for mini Cube okay go back here
00:30:18
and in the documentation what you need
00:30:20
to do so these are individual
00:30:22
documentations right for every Ingress
00:30:24
controller you have their own
00:30:25
documentation so you can come here and
00:30:28
you can provide you can look for the
00:30:29
steps to install uh where is this
00:30:35
uh installation steps
00:30:40
let us search for install directly
00:30:48
okay let us choose a different Ingress
00:30:50
controller I think they have complicated
00:30:52
the steps here let me just search for
00:30:54
Ambassador okay so I took this randomly
00:30:57
and here once you click on a quick start
00:31:05
so again this is asking for some okay
00:31:07
don't worry uh so they are just asking
00:31:10
for all the sign up and all the things
00:31:12
but uh you can just search for their uh
00:31:15
official product documentation and say
00:31:17
for example Ambassador ambassador
00:31:20
Ingress
00:31:21
controller installation okay so just
00:31:24
search in Google like this and you will
00:31:26
directly find the steps for installing
00:31:28
Ambassador uh Ingress controller or you
00:31:30
know anything that is required for your
00:31:32
organization so if you are doing on Mini
00:31:34
Cube you don't have to worry about
00:31:35
anything like you know this is the
00:31:37
official documentation for Ambassador
00:31:38
installing uh Ambassador Ingress
00:31:41
controller okay so you have the direct
00:31:43
steps here install with Helm install
00:31:45
with Cube City ml so on your production
00:31:47
cluster you can choose probably Helm so
00:31:50
click on the helm instructions and you
00:31:51
can install them using these specific
00:31:53
commands but for mini Cube like I told
00:31:56
you we just have to do mini Cube add-ons
00:31:58
enable Ingress and it will install the
00:32:00
Ingress controller for us so let us see
00:32:02
if the Ingress controller is installed
00:32:04
or not end of the day English controller
00:32:06
is also a pod so Cube CDL get pods minus
00:32:10
a because I am not sure in which
00:32:12
namespaces that is installed and just
00:32:14
say nginx
00:32:16
so see here so nginx Ingress controller
00:32:19
is up and running and in which namespace
00:32:21
it has created its own namespace coil
00:32:24
Ingress nginx okay and let us try to see
00:32:27
the logs and let us see if it has
00:32:29
identified the Ingress resource that we
00:32:31
have created Cube CTL logs minus n
00:32:34
uh what was the namespace Ingress hyphen
00:32:37
engine X okay so click on enter and it
00:32:41
should identify the Ingress resource
00:32:42
that we have created so what was the
00:32:44
Ingress resource that we have created
00:32:46
see here Ingress example we have created
00:32:49
in the default namespace and the name
00:32:51
was Ingress example okay so it said that
00:32:54
it has identified that we have created
00:32:56
Ingress resource and it has successfully
00:32:58
synced as well so what does it mean like
00:33:00
it synced so it will go to the nginx
00:33:03
load balancer configuration that is
00:33:05
nginx.com file okay and it will update
00:33:09
some Ingress related configuration for
00:33:12
our load balancer related configuration
00:33:13
for the English resource that we created
00:33:15
and you don't have to go into these
00:33:17
details at this point of time so with
00:33:19
using the Ingress controllers you will
00:33:21
understand like you know don't learn
00:33:22
everything on day one eventually you
00:33:24
will understand what is happening under
00:33:25
the hood but as I showed you in the Pod
00:33:28
logs it has unidentified that you know
00:33:30
Abhishek has created an Ingress called
00:33:33
example Ingress or Ingress example in
00:33:36
the default namespace right this is a
00:33:38
default namespace and it said that the
00:33:40
configuration is synced okay for example
00:33:42
tomorrow you are getting any error what
00:33:44
you need to do is you have to go back
00:33:45
and see in the pod.logs and now if you
00:33:48
notice this address field was not there
00:33:51
previously but it is updated now okay so
00:33:53
if I can show you that I don't know if
00:33:55
my terminal okay so the logs are deleted
00:33:58
but address field was not there
00:34:00
previously but after creating the
00:34:02
Ingress controller this address field is
00:34:04
populated that means to say nerve I can
00:34:07
access says you know I can use the
00:34:11
Ingress resource on food.bar.com
00:34:15
what was the Ingress resource that we
00:34:17
have created this Ingress example now
00:34:19
can be accessed on food.bar.com bar the
00:34:24
reason why I can access is because I
00:34:26
have used the Ingress controller right
00:34:29
and the Ingress controller has updated
00:34:31
the configuration so in your production
00:34:34
environment this is enough but if you
00:34:36
are trying on your local kubernetes
00:34:38
cluster you have to do one more
00:34:40
configuration that is you have to update
00:34:43
the slash Etc host configuration okay
00:34:46
you have to update this file why you
00:34:49
need to update this file and why you
00:34:51
don't need to update this in production
00:34:52
is because because you are doing on
00:34:54
local and you have not done this domain
00:34:56
mapping so this food.bar.com has to be
00:34:59
mapped with the domain or IP address
00:35:01
that is 192. 168 64.11 so this is my
00:35:05
mini Cube or you know this is my Ingress
00:35:07
IP address not mini Cube this is my
00:35:09
Ingress IP address so whenever I try to
00:35:11
say food.bot.com like if you ping and
00:35:14
say food.bar.com this IP address does
00:35:16
not exist right this domain does not
00:35:18
exist in your real-time production
00:35:20
environment for example for people at
00:35:23
Amazon they might be using amazon.com
00:35:24
and amazon.com is a real domain which
00:35:27
does exist so in their Ingress resource
00:35:29
what they will do is they will simply
00:35:31
mention here as amazon.com but because
00:35:34
we have not a company and we are just
00:35:36
doing a domain uh sorry demo video so I
00:35:38
cannot go to GoDaddy and purchase a
00:35:40
domain right so that's why I simply said
00:35:41
food.bar.com but what you can do is you
00:35:45
can mock this Behavior or you know you
00:35:47
can create a dummy Behavior here like
00:35:49
you can confuse your uh laptop or you
00:35:52
can you know you can update the ETC host
00:35:55
file like sudo
00:36:00
update this host file and tell the host
00:36:02
file that let's just provide the
00:36:05
password
00:36:06
so you can just tell it right I know
00:36:09
this IP address called
00:36:11
what was the IP address
00:36:13
uh uh
00:36:15
sorry I have to go back so you can tell
00:36:19
them that okay if somebody is trying to
00:36:22
reach food or bar.com okay you can tell
00:36:25
them that I know this domain called
00:36:27
fuba.bar.com and just provide this IP
00:36:30
address and tell them that or tell the
00:36:32
machine that
00:36:34
foo.bar.com okay so this IP address
00:36:38
sorry this domain will be resolved on
00:36:40
this specific IP address okay so now if
00:36:43
you try to access food.bar.com it will
00:36:45
try to reach
00:36:47
192.168.64.11 so this way you can mimic
00:36:50
the behavior or mock the behavior but
00:36:52
this is not production use case in
00:36:53
production you don't have to do all of
00:36:55
these things you can simply ask your
00:36:56
manager or you can simply ask your
00:36:58
company what is the domain that we use
00:36:59
and you can provide the domain name now
00:37:01
if I try to Pink food.bar.com
00:37:05
okay so you will notice that okay so the
00:37:08
request is not reaching yet but in some
00:37:10
time you will notice that the request
00:37:12
will reach onto food.bar.com okay so did
00:37:16
I do any mistake here no there is no
00:37:18
mistake so okay uh there are some
00:37:20
previous entries I have to delete this
00:37:21
entries okay uh
00:37:24
right perfect so in some time what you
00:37:27
will notice is when somebody tries to
00:37:29
reach on the specific food.bar.com you
00:37:32
can tell through your curl request or
00:37:34
you can tell through uh you know slash
00:37:37
Etc host even if you don't want to
00:37:38
update the ctcos you can also tell that
00:37:41
in your curl command that okay I know
00:37:43
what is uh food.bar.com you can resolve
00:37:46
if somebody tries to access food or
00:37:47
bar.com just resolve this on IP address
00:37:50
192 168 64.11.
00:37:52
okay so now what will happen after some
00:37:55
time is you will be able to reach the
00:37:56
application uh just replace the curl
00:37:59
command with uber.paul.com and your
00:38:01
application will be reached now okay I
00:38:04
can go into that practicals but before
00:38:06
that you need to understand that go
00:38:08
through this document where you will
00:38:10
find multiple other things like this was
00:38:12
just example of uh host and Pathways
00:38:15
routing right similarly you can do TLS
00:38:18
based routing so what is TLS just search
00:38:20
for TLS here and you will see that you
00:38:23
can create uh secure kubernetes
00:38:25
ingresses as well that means to say
00:38:28
that you know uh this Ingress resource
00:38:30
that I have created anybody can accept
00:38:32
access access on the HTTP request but in
00:38:35
production real-time use cases for
00:38:37
example you are accessing google.com you
00:38:39
will access on https so these all things
00:38:41
can also be done using Ingress and if
00:38:44
you want to do this if you want to try
00:38:45
the Practical okay you can follow the
00:38:48
video that I am pasting in the
00:38:49
description okay it has everything like
00:38:52
I have shown all the types of Ingress
00:38:54
that were available I think it was made
00:38:56
two to three months back I have shown
00:38:58
all the type of Ingress as TLS without
00:39:00
TLS host based path based wildcard entry
00:39:03
so follow that video after this so that
00:39:05
you understand the entire concept okay
00:39:07
so if you like the button click on the
00:39:08
like button if you have understood the
00:39:10
concept of Ingress definitely comment on
00:39:12
the video and I'll see in the next video
00:39:14
take care everyone bye