SlideShare a Scribd company logo

NGINX Kubernetes Ingress Controller: Getting Started – EMEA

Download as PPTX, PDF
A
Aine Long

This webinar gets you started using the Kubernetes Ingress controllers for NGINX & NGINX Plus to load balance, route, and secure Kubernetes applications Join this webinar to learn: - The benefits of using Kubernetes and why it's become the de facto container scheduler - About the Kubernetes Ingress resource and Ingress controllers - How to use NGINX and NGINX Plus Ingress controllers to load balance, route traffic to, and secure applications on Kubernetes - How to monitor the NGINX Plus Ingress controller with Prometheus

Software
1 of 32
NGINX Kubernetes Ingress Controller: Getting Started February 28, 2018
MORE INFORMATION AT NGINX.COM Agenda • Kubernetes and its key features • Application delivery on Kubernetes: Ingress and Ingress controllers (ICs) • Introduce NGINX and NGINX Plus ICs • Demo: Delivering a simple web application using Ingress with NGINX Plus IC. • Advanced configuration of NGINX and NGINX Plus IC • Summary and Q&A 2 Michael Pleshakov Platform Integration Engineer, NGINX michael@nginx.com
MORE INFORMATION AT NGINX.COM Kubernetes • Kubernetes has become the leading technology for container orchestration • 29% of our users said that Kubernetes was part of their planned technology stack (from 2017 NGINX user survey) • One of the largest open source communities with contributions from thousands of organizations • Vibrant ecosystem of service providers and vendors • All major cloud providers (AWS, Azure and GCP) offer a managed Kubernetes solution
MORE INFORMATION AT NGINX.COM Kubernetes Keys Features Kubernetes: • Runs containerized applications across a cluster of machines • Manages applications – scaling, rolling upgrades • Adds resilience to applications by restarting failed workloads • Connects applications – internal service discovery and load balancing • Supports running stateful applications • And more … How do you successfully deliver applications?
MORE INFORMATION AT NGINX.COM NGINX and NGINX Plus • NGINX -- open source layer 4/layer 7 load balancing solution, as well as a content- cache and a web server: • 63% of top 10K The busiest sites choose NGINX (W3Techs Web server ranking 23- Jan-2018) • #1 downloaded application image on DockerHub • NGINX Plus – commercial version of NGINX, with advanced features and support
MORE INFORMATION AT NGINX.COM Application Delivery on Kubernetes app app app Kubernetes Cluster Application pods Users Internet How do we deliver the app?
MORE INFORMATION AT NGINX.COM Application Delivery Requirements Requirement Meaning 1. Stable Public Endpoint DNS name/static public IP address and port 2. Performance Ensuring clients can access an application quickly with no delays 3. Scalability Scaling the number of application backends according with the demand 4. Reliability Mitigating failures of application backends 5. Ease of configuration Creating, deploying and maintaining the AD configuration is easy 6. Visibility Understanding how the application is being delivered in real-time and over period of time 7. Security Using TLS to secure the client connections to the application 8. Routing Routing client requests at L7 (host header, URI, cookies)
MORE INFORMATION AT NGINX.COM Ingress Resource 1. apiVersion: extensions/v1beta1 2. kind: Ingress 3. metadata: 4. name: hello-ingress 5. spec: 6. tls: 7. - hosts: 8. - hello.example.com 9. secretName: hello-secret 10. rules: 11. - host: hello.example.com 12. http: 13. paths: 14. - path: / 15. backend: 16. serviceName: hello-svc 17. servicePort: 80 Ingress: • Built-in Kubernetes resource • Configuration for an edge load balancer (or ADC) Ingress features: • L7 routing based on the host header and URI • TLS termination
MORE INFORMATION AT NGINX.COM Ingress Controller • Kubernetes only provides Ingress resource, not a load balancer • Ingress Controller (IC) – software that applies Ingress rules to a particular load balancer • Several IC implementations for software/hardware/cloud load balancers • It is common to refer to both a load balancer and the IC software as the IC Kubernetes API Ingress Controller Load Balancer Watches Ingress resources Configures
MORE INFORMATION AT NGINX.COM NGINX/NGINX Plus IC Kubernetes API Ingress Controller Watches Ingress resources Configures • NGINX and the IC are in the same pod in the same container. • The IC generates configuration files according to the created Ingress resources and reloads NGINX • For NGINX Plus, the IC uses NGINX Plus API to add/remove endpoints NGINX Ingress Controller Pod
MORE INFORMATION AT NGINX.COM Application Delivery on Kubernetes app app app Kubernetes Cluster Application pods Users Internet How do we deliver an app?
MORE INFORMATION AT NGINX.COM Application Delivery with NGINX IC app app app Kubernetes Cluster Application pods Users Internet How do we expose NGINX IC? NGINX IC pod
MORE INFORMATION AT NGINX.COM How To Expose NGINX IC? • On-premises – Exposing the NGINX IC on a subset of cluster nodes – A load balancer in front of NGINX IC • Cloud – Cloud load balancer in front of NGINX IC
MORE INFORMATION AT NGINX.COM On-premises: IC Nodes • NGINX IC is deployed as a DaemonSet on a subset of nodes (IC nodes) • Port mapping is used to expose NGINX IC pods ports 80 and 443 on those nodes • Clients use the public IP of those nodes to access the IC. • It is recommended configure HA between the IC nodes IC Node 1 IC Node 2 Regular Node(s) Public IP 1 Public IP 2
MORE INFORMATION AT NGINX.COM Basic TCP Load Balancer Public IP On-premises: Load Balancer + NodePorts • NGINX IC is deployed as a Deployment • NGINX IC is exposed through a Service with Type=NodePort • The load balancer distributes client connections among all nodes of the cluster at the noderports. • Clients connects to the NGINX IC through the public IP of the load balancer • The load balancer must be HA
MORE INFORMATION AT NGINX.COM Cloud Load Balancer Public IP Cloud Load Balancer • NGINX IC is deployed as a Deployment • NGINX IC is exposed through a Service with Type=LoadBalancer • The cloud load balancer distributes client connections among all nodes of the cluster at the noderports. • Clients connects to the NGINX IC through the public IP of cloud the load balancer • The cloud load balancer is HA
MORE INFORMATION AT NGINX.COM Application Delivery with NGINX IC app app app Kubernetes Cluster Application pods Users Internet Basic L3/L4 Load Balancer Public IP
MORE INFORMATION AT NGINX.COM Demo Delivering a simple web application using Ingress with NGINX Plus IC.
MORE INFORMATION AT NGINX.COM NGINX Plus IC and Prometheus Prometheus: • Leading open source monitoring solution • Popular among Kubernetes users NGINX Plus Prometheus Exporter: • Available in preview • Supports several NGINX Plus metrics • Supports NGINX Plus Ingress controller
MORE INFORMATION AT NGINX.COM NGINX Plus IC and Prometheus Example visualization: • Total Requests Per Second graph shows the total RPS • Requests Per Second Per Upstream graph shows the RPS for each upstream NGINX Plus metrics stored in Prometheus and visualized using Grafana
MORE INFORMATION AT NGINX.COM Application Delivery Requirements Requirement Kubernetes Kubernetes Ingress with NGINX Plus Ingress Controller 1. Stable Public Endpoint V 2. Performance V V 3. Scalability V V 4. Reliability V V 5. Ease of configuration V 6. Visibility V 7. Security V 8. Routing V
MORE INFORMATION AT NGINX.COM Limitations Of Ingress Resource 1. kind: Ingress 2. metadata: 3. name: hello-ingress 4. spec: 5. tls: 6. - hosts: 7. - hello.example.com 8. secretName: hello-secret 9. rules: 10. - host: hello.example.com 11. http: 12. paths: 13. - path: / 14. backend: 15. serviceName: hello-svc 16. servicePort: 80 Ingress features: • L7 routing based on the host header and URL • TLS termination
MORE INFORMATION AT NGINX.COM Supporting Advanced Use Cases Using advanced NGINX/NGINX Plus features: • Session persistence • JWT validation • Rewriting the URI of a request Customizing NGINX behavior: • Enabling HTTP/2 • Choosing a load balancing method • Changing the SSL protocols and ciphers
MORE INFORMATION AT NGINX.COM Customizing NGINX Behavior 1. kind: ConfigMap 2. apiVersion: v1 3. metadata: 4. name: nginx-config 5. data: 6. http2: "True" 7. ssl-protocols: "TLSv1.2" 8. lb-method: "least_conn" 1. apiVersion: extensions/v1beta1 2. kind: Ingress 3. metadata: 4. name: hello-ingress 5. annotations: 6. nginx.org/lb-method: "ip_hash" 7. spec: 8. tls: 9. - hosts: 10. - hello.example.com 11. secretName: hello-secret 12. rules: 13. - host: hello.example.com 14. http: 15. paths: 16. - path: / 17. backend: 18. serviceName: hello-svc 19. servicePort: 80
MORE INFORMATION AT NGINX.COM Using Advanced Features 1. apiVersion: extensions/v1beta1 2. kind: Ingress 3. metadata: 4. name: hello-ingress 5. annotations: 6. nginx.com/jwt-key: "hello-jwk" 7. nginx.com/jwt-realm: "Hello App" 8. spec: 9. tls: 10. - hosts: 11. - hello.example.com 12. secretName: hello-secret 13. rules: 14. - host: hello.example.com 15. http: 16. paths: 17. - path: / 18. backend: 19. serviceName: hello-svc 20. servicePort: 80
MORE INFORMATION AT NGINX.COM Snippets 1. apiVersion: extensions/v1beta1 2. kind: Ingress 3. metadata: 4. name: hello-ingress 5. annotations: 6. nginx.org/location-snippets: | 7. proxy_set_header X-Custom-Header-1 foo; 8. proxy_set_header X-Custom-Header-2 bar; 9. spec: 10. tls: 11. - hosts: 12. - hello.example.com 13. secretName: hello-secret 14. rules: 15. - host: hello.example.com 16. http: 17. paths: 18. - path: / 19. backend: 20. serviceName: hello-svc 21. servicePort: 80 • Snippets allow to use native NGINX configuration • Available as ConfigMap keys (for global, http, server and location contexts) and Annotations (for server and location contexts)
MORE INFORMATION AT NGINX.COM Changing the Template 1. {{range $upstream := .Upstreams}} 2. upstream {{$upstream.Name}} { 3. zone {{$upstream.Name}} 256k; 4. {{if $upstream.LBMethod }}{{$upstream.LBMethod}};{{end}} 5. {{range $server := $upstream.UpstreamServers}} 6. server {{$server.Address}}:{{$server.Port}};{{end}} 7. {{if $upstream.StickyCookie}} 8. sticky cookie {{$upstream.StickyCookie}}; 9. {{end}} 10. {{if $.Keepalive}}keepalive {{$.Keepalive}};{{end}} 11.}{{end}} 12. 13.{{range $server := .Servers}} 14.server { 15. {{range $port := $server.Ports}} 16. listen {{$port}}{{if $server.ProxyProtocol}} proxy_protocol{{end}}; 17. {{- end}} 18. {{if $server.SSL}} 19. {{- range $port := $server.SSLPorts}} 20. . . .
MORE INFORMATION AT NGINX.COM Supporting Advanced Use Cases Method Complexity (1-3) ConfigMap 1 Annotations 1 Snippets 2 Changing the Template 3
MORE INFORMATION AT NGINX.COM NGINX Ingress Controllers • NGINX/NGINX Plus Ingress Controllers -- https://github.com/nginxinc/kubernetes-ingress • NGINX Ingress Controller -- https://github.com/kubernetes/ingress-nginx
MORE INFORMATION AT NGINX.COM NGINX Ingress Controllers Aspect of Feature kubernetes/ingress-nginx nginxinc/kubernetes-ingress with NGINX nginxinc/kubernetes- ingress with NGINX Plus Authors Kubernetes community NGINX Inc and community NGINX Inc and community NGINX version Custom NGINX build with third-party modules NGINX official mainline build NGINX Plus Commercial support No No Included Standard Ingress Yes Yes Yes Annotations Yes Yes Yes ConfigMaps Yes Yes Yes TCP/UDP Extension Yes Coming soon Coming soon JWT Validation No No Yes Extended Status Yes, Via a third-party module No Yes Prometheus Yes No Yes Dynamic Reconfiguration No No Yes
MORE INFORMATION AT NGINX.COM NGINX/NGINX Plus IC -- Summary a p p a p p a p p Kubernetes Cluster Application pods Users Intern et Load Balancer • HA and scalable solution for application delivery on Kubernetes • High performance and stability • Flexible deployment – NGINX is deployed as a k8s application – and configuration • Advanced features of NGINX and NGINX Plus via the ConfigMap and Annotations
Q & A Get the NGINX Ingress controller: https://github.com/nginxinc/kubernetes-ingress Try NGINX Plus free for 30 days: https://nginx.com/free-trial-request

Recommended

AWS January 2016 Webinar Series - Managing your Infrastructure as Code
AWS January 2016 Webinar Series - Managing your Infrastructure as CodeAWS January 2016 Webinar Series - Managing your Infrastructure as Code
AWS January 2016 Webinar Series - Managing your Infrastructure as Code
Amazon Web Services
 
Amazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for KubernetesAmazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for Kubernetes
Amazon Web Services
 
DevOps with Kubernetes
DevOps with KubernetesDevOps with Kubernetes
DevOps with Kubernetes
EastBanc Tachnologies
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
Stanislav Pogrebnyak
 
마이크로서비스 기반 클라우드 아키텍처 구성 모범 사례 - 윤석찬 (AWS 테크에반젤리스트)
마이크로서비스 기반 클라우드 아키텍처 구성 모범 사례 - 윤석찬 (AWS 테크에반젤리스트) 마이크로서비스 기반 클라우드 아키텍처 구성 모범 사례 - 윤석찬 (AWS 테크에반젤리스트)
마이크로서비스 기반 클라우드 아키텍처 구성 모범 사례 - 윤석찬 (AWS 테크에반젤리스트)
Amazon Web Services Korea
 
Best Practices for SecOps on AWS
Best Practices for SecOps on AWSBest Practices for SecOps on AWS
Best Practices for SecOps on AWS
Amazon Web Services
 
Installing WordPress on AWS
Installing WordPress on AWSInstalling WordPress on AWS
Installing WordPress on AWS
Manish Jain
 
마이크로서비스를 위한 AWS 아키텍처 패턴 및 모범 사례 - AWS Summit Seoul 2017
마이크로서비스를 위한 AWS 아키텍처 패턴 및 모범 사례 - AWS Summit Seoul 2017마이크로서비스를 위한 AWS 아키텍처 패턴 및 모범 사례 - AWS Summit Seoul 2017
마이크로서비스를 위한 AWS 아키텍처 패턴 및 모범 사례 - AWS Summit Seoul 2017
Amazon Web Services Korea
 

Recommended

AWS January 2016 Webinar Series - Managing your Infrastructure as Code
AWS January 2016 Webinar Series - Managing your Infrastructure as CodeAWS January 2016 Webinar Series - Managing your Infrastructure as Code
AWS January 2016 Webinar Series - Managing your Infrastructure as Code
Amazon Web Services
 
Amazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for KubernetesAmazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for Kubernetes
Amazon Web Services
 
DevOps with Kubernetes
DevOps with KubernetesDevOps with Kubernetes
DevOps with Kubernetes
EastBanc Tachnologies
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
Stanislav Pogrebnyak
 
마이크로서비스 기반 클라우드 아키텍처 구성 모범 사례 - 윤석찬 (AWS 테크에반젤리스트)
마이크로서비스 기반 클라우드 아키텍처 구성 모범 사례 - 윤석찬 (AWS 테크에반젤리스트) 마이크로서비스 기반 클라우드 아키텍처 구성 모범 사례 - 윤석찬 (AWS 테크에반젤리스트)
마이크로서비스 기반 클라우드 아키텍처 구성 모범 사례 - 윤석찬 (AWS 테크에반젤리스트)
Amazon Web Services Korea
 
Best Practices for SecOps on AWS
Best Practices for SecOps on AWSBest Practices for SecOps on AWS
Best Practices for SecOps on AWS
Amazon Web Services
 
Installing WordPress on AWS
Installing WordPress on AWSInstalling WordPress on AWS
Installing WordPress on AWS
Manish Jain
 
마이크로서비스를 위한 AWS 아키텍처 패턴 및 모범 사례 - AWS Summit Seoul 2017
마이크로서비스를 위한 AWS 아키텍처 패턴 및 모범 사례 - AWS Summit Seoul 2017마이크로서비스를 위한 AWS 아키텍처 패턴 및 모범 사례 - AWS Summit Seoul 2017
마이크로서비스를 위한 AWS 아키텍처 패턴 및 모범 사례 - AWS Summit Seoul 2017
Amazon Web Services Korea
 
Build CICD Pipeline for Container Presentation Slides
Build CICD Pipeline for Container Presentation SlidesBuild CICD Pipeline for Container Presentation Slides
Build CICD Pipeline for Container Presentation Slides
Amazon Web Services
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
Rishabh Indoria
 
CI/CD on AWS
CI/CD on AWSCI/CD on AWS
CI/CD on AWS
Amazon Web Services
 
Containerd Internals: Building a Core Container Runtime
Containerd Internals: Building a Core Container RuntimeContainerd Internals: Building a Core Container Runtime
Containerd Internals: Building a Core Container Runtime
Phil Estes
 
NGINX: Basics and Best Practices EMEA
NGINX: Basics and Best Practices EMEANGINX: Basics and Best Practices EMEA
NGINX: Basics and Best Practices EMEA
NGINX, Inc.
 
Jenkins
JenkinsJenkins
Jenkins
MohanRaviRohitth
 
ArgoCD Meetup PPT final.pdf
ArgoCD Meetup PPT final.pdfArgoCD Meetup PPT final.pdf
ArgoCD Meetup PPT final.pdf
amanmakwana3
 
Introduction to Nexus Repository Manager.pdf
Introduction to Nexus Repository Manager.pdfIntroduction to Nexus Repository Manager.pdf
Introduction to Nexus Repository Manager.pdf
Knoldus Inc.
 
Advanced Container Security
Advanced Container Security Advanced Container Security
Advanced Container Security
Amazon Web Services
 
GitOps w/argocd
GitOps w/argocdGitOps w/argocd
GitOps w/argocd
Jean-Philippe Bélanger
 
CI CD Pipeline Using Jenkins | Continuous Integration and Deployment | DevOps...
CI CD Pipeline Using Jenkins | Continuous Integration and Deployment | DevOps...CI CD Pipeline Using Jenkins | Continuous Integration and Deployment | DevOps...
CI CD Pipeline Using Jenkins | Continuous Integration and Deployment | DevOps...
Edureka!
 
Analyzing NGINX Logs with Datadog
Analyzing NGINX Logs with DatadogAnalyzing NGINX Logs with Datadog
Analyzing NGINX Logs with Datadog
NGINX, Inc.
 
판교 개발자 데이 – Aws가 제안하는 서버리스 아키텍처 – 김필중
판교 개발자 데이 – Aws가 제안하는 서버리스 아키텍처 – 김필중판교 개발자 데이 – Aws가 제안하는 서버리스 아키텍처 – 김필중
판교 개발자 데이 – Aws가 제안하는 서버리스 아키텍처 – 김필중
Amazon Web Services Korea
 
Building Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache KafkaBuilding Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache Kafka
Guido Schmutz
 
Openshift Container Platform
Openshift Container PlatformOpenshift Container Platform
Openshift Container Platform
DLT Solutions
 
AWS Lambda 내부 동작 방식 및 활용 방법 자세히 살펴 보기 - 김일호 솔루션즈 아키텍트 매니저, AWS :: AWS Summit ...
AWS Lambda 내부 동작 방식 및 활용 방법 자세히 살펴 보기 - 김일호 솔루션즈 아키텍트 매니저, AWS :: AWS Summit ...AWS Lambda 내부 동작 방식 및 활용 방법 자세히 살펴 보기 - 김일호 솔루션즈 아키텍트 매니저, AWS :: AWS Summit ...
AWS Lambda 내부 동작 방식 및 활용 방법 자세히 살펴 보기 - 김일호 솔루션즈 아키텍트 매니저, AWS :: AWS Summit ...
Amazon Web Services Korea
 
Monitoring kubernetes with prometheus
Monitoring kubernetes with prometheusMonitoring kubernetes with prometheus
Monitoring kubernetes with prometheus
Brice Fernandes
 
[NDC17] Kubernetes로 개발서버 간단히 찍어내기
[NDC17] Kubernetes로 개발서버 간단히 찍어내기[NDC17] Kubernetes로 개발서버 간단히 찍어내기
[NDC17] Kubernetes로 개발서버 간단히 찍어내기
SeungYong Oh
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to Ansible
CoreStack
 
Terraform
TerraformTerraform
Terraform
Pathum Fernando ☁
 
Load Balancing Applications on Kubernetes with NGINX
Load Balancing Applications on Kubernetes with NGINXLoad Balancing Applications on Kubernetes with NGINX
Load Balancing Applications on Kubernetes with NGINX
Aine Long
 
ITB2017 - Nginx ppf intothebox_2017
ITB2017 - Nginx ppf intothebox_2017ITB2017 - Nginx ppf intothebox_2017
ITB2017 - Nginx ppf intothebox_2017
Ortus Solutions, Corp
 

More Related Content

What's hot

CI/CD on AWS
CI/CD on AWSCI/CD on AWS
CI/CD on AWS
Amazon Web Services
 
Analyzing NGINX Logs with Datadog
Analyzing NGINX Logs with DatadogAnalyzing NGINX Logs with Datadog
Analyzing NGINX Logs with Datadog
NGINX, Inc.
 
Building Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache KafkaBuilding Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache Kafka
Guido Schmutz
 

What's hot (20)

Build CICD Pipeline for Container Presentation Slides
Build CICD Pipeline for Container Presentation SlidesBuild CICD Pipeline for Container Presentation Slides
Build CICD Pipeline for Container Presentation Slides
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
 
CI/CD on AWS
CI/CD on AWSCI/CD on AWS
CI/CD on AWS
 
Containerd Internals: Building a Core Container Runtime
Containerd Internals: Building a Core Container RuntimeContainerd Internals: Building a Core Container Runtime
Containerd Internals: Building a Core Container Runtime
 
NGINX: Basics and Best Practices EMEA
NGINX: Basics and Best Practices EMEANGINX: Basics and Best Practices EMEA
NGINX: Basics and Best Practices EMEA
 
Jenkins
JenkinsJenkins
Jenkins
 
ArgoCD Meetup PPT final.pdf
ArgoCD Meetup PPT final.pdfArgoCD Meetup PPT final.pdf
ArgoCD Meetup PPT final.pdf
 
Introduction to Nexus Repository Manager.pdf
Introduction to Nexus Repository Manager.pdfIntroduction to Nexus Repository Manager.pdf
Introduction to Nexus Repository Manager.pdf
 
Advanced Container Security
Advanced Container Security Advanced Container Security
Advanced Container Security
 
GitOps w/argocd
GitOps w/argocdGitOps w/argocd
GitOps w/argocd
 
CI CD Pipeline Using Jenkins | Continuous Integration and Deployment | DevOps...
CI CD Pipeline Using Jenkins | Continuous Integration and Deployment | DevOps...CI CD Pipeline Using Jenkins | Continuous Integration and Deployment | DevOps...
CI CD Pipeline Using Jenkins | Continuous Integration and Deployment | DevOps...
 
Analyzing NGINX Logs with Datadog
Analyzing NGINX Logs with DatadogAnalyzing NGINX Logs with Datadog
Analyzing NGINX Logs with Datadog
 
판교 개발자 데이 – Aws가 제안하는 서버리스 아키텍처 – 김필중
판교 개발자 데이 – Aws가 제안하는 서버리스 아키텍처 – 김필중판교 개발자 데이 – Aws가 제안하는 서버리스 아키텍처 – 김필중
판교 개발자 데이 – Aws가 제안하는 서버리스 아키텍처 – 김필중
 
Building Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache KafkaBuilding Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache Kafka
 
Openshift Container Platform
Openshift Container PlatformOpenshift Container Platform
Openshift Container Platform
 
AWS Lambda 내부 동작 방식 및 활용 방법 자세히 살펴 보기 - 김일호 솔루션즈 아키텍트 매니저, AWS :: AWS Summit ...
AWS Lambda 내부 동작 방식 및 활용 방법 자세히 살펴 보기 - 김일호 솔루션즈 아키텍트 매니저, AWS :: AWS Summit ...AWS Lambda 내부 동작 방식 및 활용 방법 자세히 살펴 보기 - 김일호 솔루션즈 아키텍트 매니저, AWS :: AWS Summit ...
AWS Lambda 내부 동작 방식 및 활용 방법 자세히 살펴 보기 - 김일호 솔루션즈 아키텍트 매니저, AWS :: AWS Summit ...
 
Monitoring kubernetes with prometheus
Monitoring kubernetes with prometheusMonitoring kubernetes with prometheus
Monitoring kubernetes with prometheus
 
[NDC17] Kubernetes로 개발서버 간단히 찍어내기
[NDC17] Kubernetes로 개발서버 간단히 찍어내기[NDC17] Kubernetes로 개발서버 간단히 찍어내기
[NDC17] Kubernetes로 개발서버 간단히 찍어내기
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to Ansible
 
Terraform
TerraformTerraform
Terraform
 

Similar to NGINX Kubernetes Ingress Controller: Getting Started – EMEA

Securing Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudSecuring Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the Cloud
Olivia LaMar
 
How to Install and Use Kubernetes by Weaveworks
How to Install and Use Kubernetes by Weaveworks How to Install and Use Kubernetes by Weaveworks
How to Install and Use Kubernetes by Weaveworks
Weaveworks
 
What’s New in NGINX Ingress Controller for Kubernetes Release 1.5.0
What’s New in NGINX Ingress Controller for Kubernetes Release 1.5.0What’s New in NGINX Ingress Controller for Kubernetes Release 1.5.0
What’s New in NGINX Ingress Controller for Kubernetes Release 1.5.0
NGINX, Inc.
 
Using an API Gateway for Microservices
Using an API Gateway for MicroservicesUsing an API Gateway for Microservices
Using an API Gateway for Microservices
NGINX, Inc.
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
NGINX, Inc.
 
Kubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CDKubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CD
Stfalcon Meetups
 
MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
MRA AMA Part 10: Kubernetes and the Microservices Reference ArchitectureMRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
NGINX, Inc.
 

Similar to NGINX Kubernetes Ingress Controller: Getting Started – EMEA (20)

Load Balancing Applications on Kubernetes with NGINX
Load Balancing Applications on Kubernetes with NGINXLoad Balancing Applications on Kubernetes with NGINX
Load Balancing Applications on Kubernetes with NGINX
 
ITB2017 - Nginx ppf intothebox_2017
ITB2017 - Nginx ppf intothebox_2017ITB2017 - Nginx ppf intothebox_2017
ITB2017 - Nginx ppf intothebox_2017
 
NGINX: The Past, Present and Future of the Modern Web
NGINX: The Past, Present and Future of the Modern WebNGINX: The Past, Present and Future of the Modern Web
NGINX: The Past, Present and Future of the Modern Web
 
Automate NGINX with DevOps Tools
Automate NGINX with DevOps ToolsAutomate NGINX with DevOps Tools
Automate NGINX with DevOps Tools
 
Securing Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudSecuring Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the Cloud
 
How to Install and Use Kubernetes by Weaveworks
How to Install and Use Kubernetes by Weaveworks How to Install and Use Kubernetes by Weaveworks
How to Install and Use Kubernetes by Weaveworks
 
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controllerNGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
 
What’s New in NGINX Ingress Controller for Kubernetes Release 1.5.0
What’s New in NGINX Ingress Controller for Kubernetes Release 1.5.0What’s New in NGINX Ingress Controller for Kubernetes Release 1.5.0
What’s New in NGINX Ingress Controller for Kubernetes Release 1.5.0
 
NGINX Plus R19 : EMEA
NGINX Plus R19 : EMEANGINX Plus R19 : EMEA
NGINX Plus R19 : EMEA
 
Orchestrating Microservices with Kubernetes
Orchestrating Microservices with Kubernetes Orchestrating Microservices with Kubernetes
Orchestrating Microservices with Kubernetes
 
Flawless Application Delivery with NGINX Plus
Flawless Application Delivery with NGINX PlusFlawless Application Delivery with NGINX Plus
Flawless Application Delivery with NGINX Plus
 
How to install and use Kubernetes
How to install and use KubernetesHow to install and use Kubernetes
How to install and use Kubernetes
 
NGINX Basics: Ask Me Anything – EMEA
NGINX Basics: Ask Me Anything – EMEANGINX Basics: Ask Me Anything – EMEA
NGINX Basics: Ask Me Anything – EMEA
 
Using an API Gateway for Microservices
Using an API Gateway for MicroservicesUsing an API Gateway for Microservices
Using an API Gateway for Microservices
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
 
Kubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CDKubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CD
 
MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
MRA AMA Part 10: Kubernetes and the Microservices Reference ArchitectureMRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
 
Accelerating Your Web Application with NGINX
Accelerating Your Web Application with NGINXAccelerating Your Web Application with NGINX
Accelerating Your Web Application with NGINX
 
Using NGINX and NGINX Plus as a Kubernetes Ingress
Using NGINX and NGINX Plus as a Kubernetes IngressUsing NGINX and NGINX Plus as a Kubernetes Ingress
Using NGINX and NGINX Plus as a Kubernetes Ingress
 
Deploy Application on Kubernetes
Deploy Application on KubernetesDeploy Application on Kubernetes
Deploy Application on Kubernetes
 

Recently uploaded

Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
chiefasafspells
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
masabamasaba
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
masabamasaba
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
masabamasaba
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
masabamasaba
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
VictoriaMetrics
 

Recently uploaded (20)

Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 
WSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - KeynoteWSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - Keynote
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
 
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
 
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto
 

NGINX Kubernetes Ingress Controller: Getting Started – EMEA

  • 1. NGINX Kubernetes Ingress Controller: Getting Started February 28, 2018
  • 2. MORE INFORMATION AT NGINX.COM Agenda • Kubernetes and its key features • Application delivery on Kubernetes: Ingress and Ingress controllers (ICs) • Introduce NGINX and NGINX Plus ICs • Demo: Delivering a simple web application using Ingress with NGINX Plus IC. • Advanced configuration of NGINX and NGINX Plus IC • Summary and Q&A 2 Michael Pleshakov Platform Integration Engineer, NGINX michael@nginx.com
  • 3. MORE INFORMATION AT NGINX.COM Kubernetes • Kubernetes has become the leading technology for container orchestration • 29% of our users said that Kubernetes was part of their planned technology stack (from 2017 NGINX user survey) • One of the largest open source communities with contributions from thousands of organizations • Vibrant ecosystem of service providers and vendors • All major cloud providers (AWS, Azure and GCP) offer a managed Kubernetes solution
  • 4. MORE INFORMATION AT NGINX.COM Kubernetes Keys Features Kubernetes: • Runs containerized applications across a cluster of machines • Manages applications – scaling, rolling upgrades • Adds resilience to applications by restarting failed workloads • Connects applications – internal service discovery and load balancing • Supports running stateful applications • And more … How do you successfully deliver applications?
  • 5. MORE INFORMATION AT NGINX.COM NGINX and NGINX Plus • NGINX -- open source layer 4/layer 7 load balancing solution, as well as a content- cache and a web server: • 63% of top 10K The busiest sites choose NGINX (W3Techs Web server ranking 23- Jan-2018) • #1 downloaded application image on DockerHub • NGINX Plus – commercial version of NGINX, with advanced features and support
  • 6. MORE INFORMATION AT NGINX.COM Application Delivery on Kubernetes app app app Kubernetes Cluster Application pods Users Internet How do we deliver the app?
  • 7. MORE INFORMATION AT NGINX.COM Application Delivery Requirements Requirement Meaning 1. Stable Public Endpoint DNS name/static public IP address and port 2. Performance Ensuring clients can access an application quickly with no delays 3. Scalability Scaling the number of application backends according with the demand 4. Reliability Mitigating failures of application backends 5. Ease of configuration Creating, deploying and maintaining the AD configuration is easy 6. Visibility Understanding how the application is being delivered in real-time and over period of time 7. Security Using TLS to secure the client connections to the application 8. Routing Routing client requests at L7 (host header, URI, cookies)
  • 8. MORE INFORMATION AT NGINX.COM Ingress Resource 1. apiVersion: extensions/v1beta1 2. kind: Ingress 3. metadata: 4. name: hello-ingress 5. spec: 6. tls: 7. - hosts: 8. - hello.example.com 9. secretName: hello-secret 10. rules: 11. - host: hello.example.com 12. http: 13. paths: 14. - path: / 15. backend: 16. serviceName: hello-svc 17. servicePort: 80 Ingress: • Built-in Kubernetes resource • Configuration for an edge load balancer (or ADC) Ingress features: • L7 routing based on the host header and URI • TLS termination
  • 9. MORE INFORMATION AT NGINX.COM Ingress Controller • Kubernetes only provides Ingress resource, not a load balancer • Ingress Controller (IC) – software that applies Ingress rules to a particular load balancer • Several IC implementations for software/hardware/cloud load balancers • It is common to refer to both a load balancer and the IC software as the IC Kubernetes API Ingress Controller Load Balancer Watches Ingress resources Configures
  • 10. MORE INFORMATION AT NGINX.COM NGINX/NGINX Plus IC Kubernetes API Ingress Controller Watches Ingress resources Configures • NGINX and the IC are in the same pod in the same container. • The IC generates configuration files according to the created Ingress resources and reloads NGINX • For NGINX Plus, the IC uses NGINX Plus API to add/remove endpoints NGINX Ingress Controller Pod
  • 11. MORE INFORMATION AT NGINX.COM Application Delivery on Kubernetes app app app Kubernetes Cluster Application pods Users Internet How do we deliver an app?
  • 12. MORE INFORMATION AT NGINX.COM Application Delivery with NGINX IC app app app Kubernetes Cluster Application pods Users Internet How do we expose NGINX IC? NGINX IC pod
  • 13. MORE INFORMATION AT NGINX.COM How To Expose NGINX IC? • On-premises – Exposing the NGINX IC on a subset of cluster nodes – A load balancer in front of NGINX IC • Cloud – Cloud load balancer in front of NGINX IC
  • 14. MORE INFORMATION AT NGINX.COM On-premises: IC Nodes • NGINX IC is deployed as a DaemonSet on a subset of nodes (IC nodes) • Port mapping is used to expose NGINX IC pods ports 80 and 443 on those nodes • Clients use the public IP of those nodes to access the IC. • It is recommended configure HA between the IC nodes IC Node 1 IC Node 2 Regular Node(s) Public IP 1 Public IP 2
  • 15. MORE INFORMATION AT NGINX.COM Basic TCP Load Balancer Public IP On-premises: Load Balancer + NodePorts • NGINX IC is deployed as a Deployment • NGINX IC is exposed through a Service with Type=NodePort • The load balancer distributes client connections among all nodes of the cluster at the noderports. • Clients connects to the NGINX IC through the public IP of the load balancer • The load balancer must be HA
  • 16. MORE INFORMATION AT NGINX.COM Cloud Load Balancer Public IP Cloud Load Balancer • NGINX IC is deployed as a Deployment • NGINX IC is exposed through a Service with Type=LoadBalancer • The cloud load balancer distributes client connections among all nodes of the cluster at the noderports. • Clients connects to the NGINX IC through the public IP of cloud the load balancer • The cloud load balancer is HA
  • 17. MORE INFORMATION AT NGINX.COM Application Delivery with NGINX IC app app app Kubernetes Cluster Application pods Users Internet Basic L3/L4 Load Balancer Public IP
  • 18. MORE INFORMATION AT NGINX.COM Demo Delivering a simple web application using Ingress with NGINX Plus IC.
  • 19. MORE INFORMATION AT NGINX.COM NGINX Plus IC and Prometheus Prometheus: • Leading open source monitoring solution • Popular among Kubernetes users NGINX Plus Prometheus Exporter: • Available in preview • Supports several NGINX Plus metrics • Supports NGINX Plus Ingress controller
  • 20. MORE INFORMATION AT NGINX.COM NGINX Plus IC and Prometheus Example visualization: • Total Requests Per Second graph shows the total RPS • Requests Per Second Per Upstream graph shows the RPS for each upstream NGINX Plus metrics stored in Prometheus and visualized using Grafana
  • 21. MORE INFORMATION AT NGINX.COM Application Delivery Requirements Requirement Kubernetes Kubernetes Ingress with NGINX Plus Ingress Controller 1. Stable Public Endpoint V 2. Performance V V 3. Scalability V V 4. Reliability V V 5. Ease of configuration V 6. Visibility V 7. Security V 8. Routing V
  • 22. MORE INFORMATION AT NGINX.COM Limitations Of Ingress Resource 1. kind: Ingress 2. metadata: 3. name: hello-ingress 4. spec: 5. tls: 6. - hosts: 7. - hello.example.com 8. secretName: hello-secret 9. rules: 10. - host: hello.example.com 11. http: 12. paths: 13. - path: / 14. backend: 15. serviceName: hello-svc 16. servicePort: 80 Ingress features: • L7 routing based on the host header and URL • TLS termination
  • 23. MORE INFORMATION AT NGINX.COM Supporting Advanced Use Cases Using advanced NGINX/NGINX Plus features: • Session persistence • JWT validation • Rewriting the URI of a request Customizing NGINX behavior: • Enabling HTTP/2 • Choosing a load balancing method • Changing the SSL protocols and ciphers
  • 24. MORE INFORMATION AT NGINX.COM Customizing NGINX Behavior 1. kind: ConfigMap 2. apiVersion: v1 3. metadata: 4. name: nginx-config 5. data: 6. http2: "True" 7. ssl-protocols: "TLSv1.2" 8. lb-method: "least_conn" 1. apiVersion: extensions/v1beta1 2. kind: Ingress 3. metadata: 4. name: hello-ingress 5. annotations: 6. nginx.org/lb-method: "ip_hash" 7. spec: 8. tls: 9. - hosts: 10. - hello.example.com 11. secretName: hello-secret 12. rules: 13. - host: hello.example.com 14. http: 15. paths: 16. - path: / 17. backend: 18. serviceName: hello-svc 19. servicePort: 80
  • 25. MORE INFORMATION AT NGINX.COM Using Advanced Features 1. apiVersion: extensions/v1beta1 2. kind: Ingress 3. metadata: 4. name: hello-ingress 5. annotations: 6. nginx.com/jwt-key: "hello-jwk" 7. nginx.com/jwt-realm: "Hello App" 8. spec: 9. tls: 10. - hosts: 11. - hello.example.com 12. secretName: hello-secret 13. rules: 14. - host: hello.example.com 15. http: 16. paths: 17. - path: / 18. backend: 19. serviceName: hello-svc 20. servicePort: 80
  • 26. MORE INFORMATION AT NGINX.COM Snippets 1. apiVersion: extensions/v1beta1 2. kind: Ingress 3. metadata: 4. name: hello-ingress 5. annotations: 6. nginx.org/location-snippets: | 7. proxy_set_header X-Custom-Header-1 foo; 8. proxy_set_header X-Custom-Header-2 bar; 9. spec: 10. tls: 11. - hosts: 12. - hello.example.com 13. secretName: hello-secret 14. rules: 15. - host: hello.example.com 16. http: 17. paths: 18. - path: / 19. backend: 20. serviceName: hello-svc 21. servicePort: 80 • Snippets allow to use native NGINX configuration • Available as ConfigMap keys (for global, http, server and location contexts) and Annotations (for server and location contexts)
  • 27. MORE INFORMATION AT NGINX.COM Changing the Template 1. {{range $upstream := .Upstreams}} 2. upstream {{$upstream.Name}} { 3. zone {{$upstream.Name}} 256k; 4. {{if $upstream.LBMethod }}{{$upstream.LBMethod}};{{end}} 5. {{range $server := $upstream.UpstreamServers}} 6. server {{$server.Address}}:{{$server.Port}};{{end}} 7. {{if $upstream.StickyCookie}} 8. sticky cookie {{$upstream.StickyCookie}}; 9. {{end}} 10. {{if $.Keepalive}}keepalive {{$.Keepalive}};{{end}} 11.}{{end}} 12. 13.{{range $server := .Servers}} 14.server { 15. {{range $port := $server.Ports}} 16. listen {{$port}}{{if $server.ProxyProtocol}} proxy_protocol{{end}}; 17. {{- end}} 18. {{if $server.SSL}} 19. {{- range $port := $server.SSLPorts}} 20. . . .
  • 28. MORE INFORMATION AT NGINX.COM Supporting Advanced Use Cases Method Complexity (1-3) ConfigMap 1 Annotations 1 Snippets 2 Changing the Template 3
  • 29. MORE INFORMATION AT NGINX.COM NGINX Ingress Controllers • NGINX/NGINX Plus Ingress Controllers -- https://github.com/nginxinc/kubernetes-ingress • NGINX Ingress Controller -- https://github.com/kubernetes/ingress-nginx
  • 30. MORE INFORMATION AT NGINX.COM NGINX Ingress Controllers Aspect of Feature kubernetes/ingress-nginx nginxinc/kubernetes-ingress with NGINX nginxinc/kubernetes- ingress with NGINX Plus Authors Kubernetes community NGINX Inc and community NGINX Inc and community NGINX version Custom NGINX build with third-party modules NGINX official mainline build NGINX Plus Commercial support No No Included Standard Ingress Yes Yes Yes Annotations Yes Yes Yes ConfigMaps Yes Yes Yes TCP/UDP Extension Yes Coming soon Coming soon JWT Validation No No Yes Extended Status Yes, Via a third-party module No Yes Prometheus Yes No Yes Dynamic Reconfiguration No No Yes
  • 31. MORE INFORMATION AT NGINX.COM NGINX/NGINX Plus IC -- Summary a p p a p p a p p Kubernetes Cluster Application pods Users Intern et Load Balancer • HA and scalable solution for application delivery on Kubernetes • High performance and stability • Flexible deployment – NGINX is deployed as a k8s application – and configuration • Advanced features of NGINX and NGINX Plus via the ConfigMap and Annotations
  • 32. Q & A Get the NGINX Ingress controller: https://github.com/nginxinc/kubernetes-ingress Try NGINX Plus free for 30 days: https://nginx.com/free-trial-request