Fury Kubernetes Ingress

2 minute read

Our ingress module makes use of CNCF recommended, Cloud Native projects, such as Ingress nginx that acts an ingress controller using the well-known NGINX server as a URL path-based routing reverse proxy and load balancer, and cert-manager to automate the management and issuance of TLS certificates from various issuing sources that will ensure certificates are valid and renew them before expiry. The module also includes packages to enable LDAP authentication to services and Forecastle as a global directory to have quick access to all the services offered by your cluster.

Thanks to the components in the Fury Kubernetes Ingress module, you can be confident that the entry point to your services is stable, performant, and secure.

Supported Platforms

The Fury Kubernetes Ingress module can be deployed on the following platforms:

  • AWS (no additional configuration required)
  • Google Kubernetes Engine (GKE) - (nginx-gke specific package)
  • Azure Kubernetes Service (AKS) - (no additional configuration required)
  • OVH Cloud Kubernetes Service - (nginx-ovh specific package)
  • on-premises or unmanaged cloud clusters (no additional configuration required)

Architecture

The reference architecture used to deploy the Fury Kubernetes Ingress Module is shown in the following figure:

Ingress Architecture

The traffic from end users arrives in a Load Balancer that distributes the traffic between the available Ingress Controllers (usually, one for each availability zone). Once the traffic reaches the Ingress Controller, the Ingress proxies the traffic to the service based on the URL path of the request. The service is a Kubernetes abstraction that makes the traffic arriving at the PODs where the actual application is running.

Ingress Packages

Package Description
cert-manager cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources
forecastle Forecastle gives you access to a dashboard where you can see your defined ingresses and access them easily
nginx The NGINX Ingress Controller for Kubernetes provides delivery services for Kubernetes applications
dual-nginx It deploys two identical NGINX ingress controllers but with two different scopes: one to serve public/external traffic and one to serve private/internal traffic
nginx-ldap-auth This package provides HTTP authentication to your ingresses using an LDAP backend
nginx-gke This package is the Ingress Controller for Google Kubernetes Engine (GKE) clusters
nginx-ovh This package is the Ingress Controller for OVH Cloud Kubernetes Service clusters

Deploy

Getting traffic into your cluster


Last modified 07.01.2021: Update docs with v1.5 details (dadea1c)