Skip to content
BankyBluePrints.com

Kubernetes Ingress

Kubernetes Ingress

Section titled “Kubernetes Ingress”

Ingress routes external HTTP and HTTPS traffic to Services inside the cluster based on hostnames and paths — using a single load balancer for multiple services.

Why Ingress

Section titled “Why Ingress”

Without Ingress, each Service of type LoadBalancer creates its own cloud load balancer (expensive and complex to manage). Ingress uses one entry point and routes to multiple services based on rules.

Internet → Load Balancer → Ingress Controller → Services → Pods

Ingress Controller

Section titled “Ingress Controller”

An Ingress resource alone does nothing. You need an Ingress Controller running in the cluster that watches Ingress resources and configures the underlying proxy.

Common controllers:

  • nginx-ingress — most widely used
  • Traefik — popular in smaller setups
  • GKE Ingress / ALB Ingress — cloud-native options

Install nginx-ingress with Helm:

Terminal window
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm install ingress-nginx ingress-nginx/ingress-nginx

Basic Ingress Resource

Section titled “Basic Ingress Resource”
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-app-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  ingressClassName: nginx
  rules:
    - host: myapp.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: my-app-service
                port:
                  number: 80

Path-Based Routing

Section titled “Path-Based Routing”

Route different paths to different services:

rules:
  - host: myapp.example.com
    http:
      paths:
        - path: /api
          pathType: Prefix
          backend:
            service:
              name: api-service
              port:
                number: 80
        - path: /
          pathType: Prefix
          backend:
            service:
              name: frontend-service
              port:
                number: 80

Host-Based Routing

Section titled “Host-Based Routing”

Route different hostnames to different services:

rules:
  - host: api.example.com
    http:
      paths:
        - path: /
          pathType: Prefix
          backend:
            service:
              name: api-service
              port:
                number: 80
  - host: app.example.com
    http:
      paths:
        - path: /
          pathType: Prefix
          backend:
            service:
              name: frontend-service
              port:
                number: 80

TLS / HTTPS

Section titled “TLS / HTTPS”

Store TLS cert and key in a Secret, then reference it:

Terminal window
kubectl create secret tls my-tls-secret \
  --cert=path/to/cert.crt \
  --key=path/to/cert.key
spec:
  tls:
    - hosts:
        - myapp.example.com
      secretName: my-tls-secret
  rules:
    - host: myapp.example.com
      ...

For automatic certificate management, use cert-manager with Let’s Encrypt.

Path Types

Section titled “Path Types”
pathTypeBehaviour
ExactMatches exact path only
PrefixMatches path prefix (most common)
ImplementationSpecificController-specific matching

Common Commands

Section titled “Common Commands”
Terminal window
kubectl apply -f ingress.yaml
kubectl get ingress
kubectl describe ingress my-app-ingress


# Check Ingress controller logs
kubectl logs -n ingress-nginx -l app.kubernetes.io/name=ingress-nginx