question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Feature request: Support kubernetes "Ingress" based definitions

See original GitHub issue

Please describe your use case / problem.

Currently evaluating Ingress Controllers for k8 and Ambassador is often listed as a solution for this kind of thing alongside other implementations. (i.e. https://kubedex.com/ingress/)

When coming around to eval Ambassador after having tried a few others (i.e k8 ingress-nginx, Traefik etc). I noticed the biggest difference is that Ambassador is not configurable via (i.e does not consume/react to) k8 Ingress components like others but instead annotations on k8 Service objects.

It does not seem that far of a reach for Ambassador to also be able to consume configuration defined by a k8 Ingress

https://kubernetes.io/docs/concepts/services-networking/ingress/

Describe the solution you’d like

Currently I define my mappings for Ambassador in an app’s Service def like below.

apiVersion: v1
kind: Service
metadata:
  namespace: my-apps
  name: my-app-4-1-3-1--1-3
  annotations:
    getambassador.io/config: |
      ---
      apiVersion: ambassador/v1
      kind:  Mapping
      name:  my_app_mapping
      host: "^my-app-stage.local(:{1}\\d+)*$"
      host_regex: true
      prefix: /
      timeout_ms: 60000
      service: https://my-app-4-1-3-1--1-3:30000
spec:
  selector:
    app: my-app
    version: 4-1-3-1--1-3
    env: stage
  type: NodePort
  ports:
  - protocol: TCP
    port: 30000
    targetPort: app-port
    nodePort: 30000

Note the TLS certificate presented for the above “host” mapping currently has to be defined in the Ambassador Deployment config…

...
---
apiVersion: ambassador/v1
kind: Module
name: tls
config:
  server:
    enabled: True
    secret: my-app-tls-cert
...

It would be nice to be able to alternatively define all of this configuration in the standard kubernetes Ingress way of doing things, that still supports annotations but is a bit more portable across “ingress” controller/gateway implementations:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  namespace: my-apps
  name: my-app-ingress-1
  annotations:
    kubernetes.io/ingress.class: "ambassador"
    ingress.kubernetes.io/protocol: "https"
spec:
  tls:
  - hosts:
    - my-app-stage.local
    secretName: my-app-tls-cert
  rules:
  - host: my-app-stage.local
    http:
      paths:
      - backend:
          serviceName: my-app-4-1-3-1--1-3
          servicePort: 30000

For instance in the above, despite that kubernetes.io/ingress.class is optional, you could change this to “ambassador”, “traefik” or “nginx” and use this same exact config across different providers.

Describe alternatives you’ve considered

Obviously the Service based annotations method works fine, I’m just advocating supporting Ingress abstraction might aid people hot swapping out their “Ingress” implementation in k8.

Additional context

https://datawire-oss.slack.com/archives/CAULN7S76/p1553277231024800?thread_ts=1553262170.995000&cid=CAULN7S76

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:3
  • Comments:10 (5 by maintainers)

github_iconTop GitHub Comments

2reactions
concafcommented, Aug 20, 2019

@flands it’s a good thing that Ambassador can read Kubernetes Ingress resources and configure itself without any extra configuration - making it an Ingress Controller. This makes it easier to evaluate Ambassador against other Ingress Controllers. Also, certain integrations with Ambassador configure themselves using Kubernetes Ingress resources as well, so this will help in that area as well.

2reactions
flandscommented, Aug 18, 2019

Question: given Ambassador now supports CRDs, what value does Ingress provide?

Read more comments on GitHub >

github_iconTop Results From Across the Web

Feature request: Support kubernetes "Ingress" based definitions
I noticed the biggest difference is that Ambassador is not configurable via (i.e does not consume/react to) k8 Ingress components like others ...
Read more >
Ingress - Kubernetes
The Ingress concept lets you map traffic to different backends based on rules you define via the Kubernetes API.
Read more >
Ingress configuration on Google Cloud
This page provides a comprehensive overview of what's supported and configurable through Kubernetes Ingress on Google Cloud. Ingress for Google Kubernetes ...
Read more >
Kubernetes Ingress Explained – BMC Software | Blogs
Kubernetes Ingress supports multiple protocols, authentication, content-based routing, etc., and allows users to manage and configure them ...
Read more >
Understanding Kubernetes services & ingress networking
An Ingress is used when we have multiple services on our cluster and we want the user request routed to the service based...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found