Traffic Management in Kubernetes
Learn how ingress controllers optimize traffic routing and reduce cloud costs
Kubernetes Networking and Services
Pods have IP addresses, but Pods are ephemeral: they can be created and destroyed at any time, and their IPs change. To keep communication between Pods from being interrupted, Kubernetes uses Services.
Basic Service Types:
- ClusterIP: Internal access only
- NodePort: Opens ports on all nodes
- LoadBalancer: Creates cloud load balancer (expensive)
Cloud Load Balancer Challenges:
- Each service with type=LoadBalancer creates a new cloud load balancer
- Costs add up quickly ($20-50 per load balancer/month)
- Managing multiple load balancers becomes complex
Ingress Controllers
- Single load balancer for multiple services
- URL-based routing
- TLS termination
Kuberise's Two-Ingress Architecture
- Internal Ingress Controller:
  - Class: nginx-internal
  - Service Type: ClusterIP
  - Domain: kuberise.internal
  - Purpose: Service-to-service communication
- External Ingress Controller:
  - Class: nginx-external
  - Service Type: LoadBalancer
  - Domain: *.kuberise.dev
  - Purpose: External client access
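An added example (not from the workshop or Kuberise's own code): a check that every Ingress uses the class matching its hostname, so a kuberise.internal name never ends up served by nginx-external. It assumes Ingress objects exported as JSON with `kubectl get ingress -A -o json`; the sample objects, the function names and the `POLICY` mapping are constructed here from the class and domain values listed above.

```python
import json

# Class -> domain policy taken from the page's two-ingress layout.
POLICY = {"nginx-internal": "kuberise.internal", "nginx-external": "kuberise.dev"}

# Constructed sample in the shape of `kubectl get ingress -A -o json`.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"namespace": "shop", "name": "orders"},
   "spec": {"ingressClassName": "nginx-internal",
            "rules": [{"host": "orders.kuberise.internal"}]}},
  {"metadata": {"namespace": "shop", "name": "web"},
   "spec": {"ingressClassName": "nginx-external",
            "rules": [{"host": "shop.aks.kuberise.dev"}]}},
  {"metadata": {"namespace": "ops", "name": "grafana"},
   "spec": {"ingressClassName": "nginx-external",
            "rules": [{"host": "grafana.kuberise.internal"}]}},
  {"metadata": {"namespace": "ops", "name": "legacy",
                "annotations": {"kubernetes.io/ingress.class": "nginx-external"}},
   "spec": {"rules": [{"http": {"paths": []}}]}}
]}
""")

def in_domain(host, domain):
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def ingress_class(item):
    # Prefer spec.ingressClassName; fall back to the deprecated annotation.
    annotations = item["metadata"].get("annotations") or {}
    return (item.get("spec", {}).get("ingressClassName")
            or annotations.get("kubernetes.io/ingress.class"))

def audit(ingress_list):
    """Return (namespace/name, class, host, reason) for each policy violation."""
    findings = []
    for item in ingress_list.get("items", []):
        ref = "{namespace}/{name}".format(**item["metadata"])
        cls = ingress_class(item)
        if cls not in POLICY:
            findings.append((ref, cls, None, "unknown or missing ingress class"))
            continue
        for rule in item.get("spec", {}).get("rules", []):
            host = rule.get("host")
            if not host:
                findings.append((ref, cls, None, "rule without host matches any hostname"))
            elif not in_domain(host, POLICY[cls]):
                findings.append((ref, cls, host, "host outside the class's domain"))
    return findings
```

On the constructed sample, `audit(SAMPLE)` reports `ops/grafana` (internal hostname on the external class) and `ops/legacy` (a host-less rule on the external class).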
DNS Management with ExternalDNS
- Internal DNS:
  - Uses private DNS zones (AKS/EKS/GKE)
  - Manages kuberise.internal records
  - Ingress-Nginx-Internal Service annotation: external-dns.alpha.kubernetes.io/internal-hostname: kuberise.internal
  - Using CoreDNS for OnPrem: rewrite name kuberise.internal ingress-nginx-internal-controller.ingress-nginx-internal.svc.cluster.local
- External DNS:
  - Manages public DNS records
  - Supports multiple providers (Cloudflare, Route53, etc.)
  - Wildcard DNS for external ingress
  - Ingress-Nginx-External Service annotation: external-dns.alpha.kubernetes.io/hostname: "*.aks.kuberise.dev"