What s the difference between kubernetes load balancer and ingress controller

0 votes

I cannot seem to understand the difference between the two. Ingress maps the incoming traffic to the services in the cluster while load balancer forwards it to a host. Both seem to be doing the same thing. And how is kubernetes load balancer compared to Amazon ELB and ALB?

Jan 4, 2019 in Kubernetes by Damon Salvatore
• 5,980 points
13,926 views

1 answer to this question.

0 votes

Load Balancer: So Kubernetes LoadBalancer just points to external load balancers which do not reside in your cluster. If your pods are externally routable, these load balancers can work with them. Google and AWS have native capability for this. When using amazon it by default maps it to ELB for load balancing.

Ingress: In Ingress on the other hand you can define a set of rules that your controller actively listens to. A load balancer service is something that could listen to these ingress rules. You can deploy ingress rules, but they will not work unless mapped to a controller. NodePort service can also be used for this provided it has an extrenal routable IP outside of the cluster.

Ingress controller simply just process and makes sense of ingress rules. One of the most common and widely used ingress controller is the nginx controller. Amazon ALB can also be used as an ingress controller.

For an example, this nginx controller is able to ingest ingress rules you have defined and translate them to an nginx.conf file that it loads and starts in its pod.

Let's for instance say you defined an ingress as follows:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
   ingress.kubernetes.io/rewrite-target: /
 name: web-ingress
spec:
  rules:
  - host: kubernetes.foo.bar
    http:
      paths:
      - backend:
          serviceName: appsvc
          servicePort: 80
        path: /app

If you then inspect your nginx controller pod you'll see the following rule defined in /etc/nginx.conf:

server {
    server_name kubernetes.foo.bar;
    listen 80;
    listen [::]:80;
    set $proxy_upstream_name "-";
    location ~* ^/web2\/?(?<baseuri>.*) {
        set $proxy_upstream_name "apps-web2svc-8080";
        port_in_redirect off;

        client_max_body_size                    "1m";

        proxy_set_header Host                   $best_http_host;

        # Pass the extracted client certificate to the backend

        # Allow websocket connections
        proxy_set_header                        Upgrade           $http_upgrade;
        proxy_set_header                        Connection        $connection_upgrade;

        proxy_set_header X-Real-IP              $the_real_ip;
        proxy_set_header X-Forwarded-For        $the_x_forwarded_for;
        proxy_set_header X-Forwarded-Host       $best_http_host;
        proxy_set_header X-Forwarded-Port       $pass_port;
        proxy_set_header X-Forwarded-Proto      $pass_access_scheme;
        proxy_set_header X-Original-URI         $request_uri;
        proxy_set_header X-Scheme               $pass_access_scheme;

        # mitigate HTTPoxy Vulnerability
        # https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx/
        proxy_set_header Proxy                  "";

        # Custom headers

        proxy_connect_timeout                   5s;
        proxy_send_timeout                      60s;
        proxy_read_timeout                      60s;

        proxy_redirect                          off;
        proxy_buffering                         off;
        proxy_buffer_size                       "4k";
        proxy_buffers                           4 "4k";

        proxy_http_version                      1.1;

        proxy_cookie_domain                     off;
        proxy_cookie_path                       off;

    rewrite /app/(.*) /$1 break;
    rewrite /app / break;
    proxy_pass http://apps-appsvc-8080;

    }

Nginx has just created a rule to route kubernetes app to point to the service appsvcin your cluster.

For further details, refer to the Kubernetes Course.

Hope this helps!

answered Jan 4, 2019 by DareDev
• 6,890 points
Awesome Explanation!! Keep up your great work!!

Related Questions In Kubernetes

0 votes
1 answer
0 votes
1 answer

What is the difference between config map and secret in kubernetes?

Config maps ideally stores application configuration in ...READ MORE

answered Jul 17, 2019 in Kubernetes by Sirajul
• 59,230 points
3,731 views
0 votes
1 answer

What is the difference between Apache Mesos and Kubernetes?

Hi@akhtar, Kubernetes and Apache Mesos are DevOps infrastructure ...READ MORE

answered Dec 16, 2020 in Kubernetes by MD
• 95,460 points
1,094 views
0 votes
1 answer

Customize the routing logic in kubernetes ingress controller

Try building your own customized image based on ...READ MORE

answered Sep 7, 2018 in Kubernetes by Kalgi
• 52,350 points
1,336 views
+1 vote
1 answer
0 votes
1 answer

permissions related to AWS ECR

if you add allowContainerRegistry: true, kops will add those permissions ...READ MORE

answered Oct 9, 2018 in Kubernetes by Kalgi
• 52,350 points
1,402 views
0 votes
1 answer

deleting pods using kubernetes replication controller

The pods which are managed by ReplicationController ...READ MORE

answered Jul 24, 2018 in Kubernetes by DareDev
• 6,890 points
1,082 views
0 votes
1 answer

Kubernetes HTTPS Ingress in Google Container Engine

n order to have HTTPs service exposed ...READ MORE

answered Nov 23, 2018 in Kubernetes by DareDev
• 6,890 points
901 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP