Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
In this article, you learn application networking options for Azure Kubernetes Service (AKS). We first pose a question to help guide your planning, and then provide options, recommendations, and best practices.
How do you want to access your applications?
Application networking controls how the applications running in your Kubernetes pods are exposed to clients from outside the cluster.
Application networking options
When setting up application networking, you can choose between a Load Balancer Service with layer-4 load balancing or Ingress controllers with layer-7 load balancing:
| Application networking option | Features & functionality |
|---|---|
| Load Balancer Service | • Uses a Kubernetes LoadBalancer Service to directly expose an application on a public or private IP. • Supports multiple ports and any TCP or UDP traffic. • Requires at least one unique IP:port pair per application. |
| Ingress controllers | • Exposes an application behind a layer-7 reverse proxy. • Usable only for HTTP-like traffic (HTTP, HTTPS, gRPC). • Can share a single public IP and ports for all ingress definitions on the same ingress controller. • Managed ingress options include: Managed ingress-nginx through the application routing add-on, Azure Application Gateway for Containers (recommended), and Istio ingress gateway. |
Recommendations
For non-HTTP traffic, we recommend using Load Balancer Service with layer-4 load balancing. This approach provides direct access to your applications and supports a wide range of protocols. For HTTP-like traffic, we recommend using Ingress controllers with layer-7 load balancing. This approach allows you to take advantage of advanced routing features and share a single public IP for multiple applications.