Implementing Advanced Ingress Routing
While the basic Ingress configuration covers many common use cases, Kubernetes Ingress also supports more advanced routing capabilities to handle complex traffic management scenarios. These features allow you to create sophisticated routing rules and enhance the flexibility of your Ingress setup.
Path-based Routing
Ingress supports path-based routing, which allows you to route traffic to different services based on the requested URL path. This is useful when you have multiple services running within your cluster and want to expose them through a single Ingress.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example-ingress
spec:
rules:
- host: example.com
http:
paths:
- path: /api
pathType: Prefix
backend:
service:
name: api-service
port:
number: 80
- path: /static
pathType: Prefix
backend:
service:
name: static-service
port:
number: 80
In this example, the Ingress routes traffic to the api-service
for requests to /api
, and to the static-service
for requests to /static
.
Host-based Routing
Ingress also supports host-based routing, which allows you to route traffic to different services based on the requested hostname. This is useful when you want to serve multiple domains or subdomains through a single Ingress.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example-ingress
spec:
rules:
- host: api.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: api-service
port:
number: 80
- host: www.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: web-service
port:
number: 80
In this example, the Ingress routes traffic to the api-service
for requests to api.example.com
, and to the web-service
for requests to www.example.com
.
SSL/TLS Termination
Ingress can handle SSL/TLS termination, simplifying the configuration of your services. You can specify TLS secrets that contain the SSL/TLS certificates and keys, and the Ingress will handle the encryption and decryption of the traffic.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example-ingress
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
tls:
- hosts:
- example.com
secretName: tls-secret
rules:
- host: example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: web-service
port:
number: 80
In this example, the Ingress is configured to terminate the SSL/TLS connection using the tls-secret
secret, which contains the necessary certificates and keys.
By implementing these advanced Ingress routing capabilities, you can create more sophisticated traffic management solutions within your Kubernetes cluster, handling complex routing scenarios and enhancing the overall flexibility of your application deployment.