ingress controller

Question

Hi My AKS has both services and function apps. I would like to set up an nginx ingress controller. Question: will all incoming traffic to the cluster go through the nginx ingress controller - including the function apps? Thank you

Answer 1

Hello maratusa, Welcome to microsoft Q&A, Thankyou for posting your query here. Yes, the NGINX ingress controller can be used to route traffic to both services and function apps in your AKS cluster. The NGINX ingress controller will act as a reverse proxy and will route incoming traffic to the appropriate services and function apps based on the rules defined in the ingress resources. here's an example ingress resource file that routes traffic to both a service and a function app:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: myapp.example.com
    http:
      paths:
      - path: /api
        pathType: Prefix
        backend:
          service:
            name: my-api-service
            port:
              name: http
      - path: /myfunction
        pathType: Prefix
        backend:
          service:
            name: my-function-app
            port:
              name: http

Answer 2

Hi Maratusa,

When reading your question, I can confirm that yes, when you set up an NGINX Ingress Controller in your Azure Kubernetes Service (AKS) cluster, it can handle all incoming traffic to the cluster, including traffic to both your services and function apps, provided that they are deployed within the cluster and properly configured to be exposed through the Ingress Controller.

To give your an overview how it works:

Ingress Controller Deployment: The NGINX Ingress Controller is deployed as a pod within your AKS cluster. It acts as a reverse proxy and load balancer, managing the incoming HTTP/S traffic and routing it to your services based on the rules defined in Ingress resources.

Ingress Resources: You define Ingress resources that specify the routing rules. These rules determine how incoming traffic should be directed to the various services and applications running in your cluster, including your function apps if they are designed to handle HTTP/S requests and are exposed via a Kubernetes service.

Function Apps via Kubernetes Services: To route traffic to your function apps through the NGINX Ingress Controller, your function apps need to be containerized, deployed in the AKS cluster, and exposed via Kubernetes services. You then reference these services in your Ingress resource definitions to route the external traffic to them.

Centralized Traffic Management: By using an Ingress Controller, you centralize the management of your traffic routing, enabling features such as SSL/TLS termination, path-based routing, and domain-based virtual hosting for all your applications, including both traditional services and function apps.

Keep in mind:

Configuration and Annotations: The NGINX Ingress Controller can be customized through annotations in your Ingress resource definitions. These annotations allow you to specify advanced routing rules, SSL configurations, and other settings specific to NGINX.

External Access: Ensure that your Ingress Controller is exposed externally. This typically involves configuring a LoadBalancer service in AKS that points to the NGINX Ingress Controller, allowing it to receive traffic from outside the cluster.

DNS and Networking: You'll likely need to configure DNS records to point to your LoadBalancer’s IP address and ensure your networking rules (such as NSGs in Azure) allow the intended traffic to reach the Ingress Controller.

Be aware to properly set up and configuring your NGINX Ingress Controller and associated Ingress resources, so you can indeed route all incoming traffic, including that intended for your function apps, through the Ingress Controller.

I hope this helps? If you have any questions please let me know