The Book of Kubernetes: A Complete Guide to Container Orchestration by Alan Hohn
				
							 
							
								
							
							
							Author:Alan Hohn
							
							
							
							Language: eng
							
							
							
							Format: mobi, epub
							
							
							
																				
							
							
							
							
							
							Publisher: No Starch Press, Inc.
							
							
							
							Published: 2022-08-15T00:00:00+00:00
							
							
							
							
							
							
Ingress in Production
The curl command in Listing 9-3 still looks a little strange, as weâre required to override the HTTP Host header manually. We need to perform a few additional steps to use Ingress resources to expose services in a production cluster.
First, we need our cluster to have an externally routable IP address together with a well-known name that is registered in DNS. The best way to do that is with a wildcard DNS scheme so that all hosts in a given domain are all routed to the clusterâs external IP. For example, if we own the domain cluster.example.com, we could create a DNS entry so that *.cluster.example.com routes to the clusterâs external IP address.
This approach still works with larger clusters that span multiple networks. We just need to have multiple IP addresses associated with the DNS entry, possibly using location-aware DNS servers that route clients to the closest service.
Next, we need to create an SSL certificate for our ingress controller that includes our wildcard DNS as a Subject Alternative Name (SAN). This will allow our ingress controller to provide a secure HTTP connection for external users no matter what specific service hostname they are using.
Finally, when we define our Services, we need to specify the fully qualified domain name for the host field. For the preceding example, we would specify web01.cluster.example.com rather than just web01.
After weâve performed these additional steps, any external user would be able to connect via HTTPS to the fully qualified hostname of our Service, such as https://web01.cluster.example.com. This hostname would resolve to our clusterâs external IP address, and the load balancer would route it to one of the clusterâs nodes. At that point, our ingress controller, listening on the standard port of 443, would offer its wildcard certificate, which would match what the client expects. As soon as the secure connection is established, the ingress controller would inspect the HTTP Host header and proxy a connection to the correct Service, sending back the HTTP response to the client.
The advantage of this approach is that after we have it set up, we can deploy a new Ingress resource at any time to expose a Service externally, and as long as we choose a unique hostname, it wonât collide with any other exposed Service. After the initial setup, all of the configuration is maintained within the cluster itself, and we still have a highly available configuration for all of our Services.
Download
The Book of Kubernetes: A Complete Guide to Container Orchestration by Alan Hohn.epub
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
What's Done in Darkness by Kayla Perrin(26765)
The Ultimate Python Exercise Book: 700 Practical Exercises for Beginners with Quiz Questions by Copy(20382)
De Souza H. Master the Age of Artificial Intelligences. The Basic Guide...2024 by Unknown(20193)
D:\Jan\FTP\HOL\Work\Alien Breed - Tower Assault CD32 Alien Breed II - The Horror Continues Manual 1.jpg by PDFCreator(20179)
The Fifty Shades Trilogy & Grey by E L James(19232)
Shot Through the Heart: DI Grace Fisher 2 by Isabelle Grey(19219)
Shot Through the Heart by Mercy Celeste(19079)
Wolf & Parchment: New Theory Spice & Wolf, Vol. 10 by Isuna Hasekura and Jyuu Ayakura(17259)
Python GUI Applications using PyQt5 : The hands-on guide to build apps with Python by Verdugo Leire(17197)
Peren F. Statistics for Business and Economics...Essential Formulas 3ed 2025 by Unknown(17040)
Wolf & Parchment: New Theory Spice & Wolf, Vol. 03 by Isuna Hasekura and Jyuu Ayakura & Jyuu Ayakura(16960)
Wolf & Parchment: New Theory Spice & Wolf, Vol. 01 by Isuna Hasekura and Jyuu Ayakura & Jyuu Ayakura(16589)
The Subtle Art of Not Giving a F*ck by Mark Manson(14550)
The 3rd Cycle of the Betrayed Series Collection: Extremely Controversial Historical Thrillers (Betrayed Series Boxed set) by McCray Carolyn(14282)
Stepbrother Stories 2 - 21 Taboo Story Collection (Brother Sister Stepbrother Stepsister Taboo Pseudo Incest Family Virgin Creampie Pregnant Forced Pregnancy Breeding) by Roxi Harding(13930)
Scorched Earth by Nick Kyme(12917)
Drei Generationen auf dem Jakobsweg by Stein Pia(11115)
Suna by Ziefle Pia(11039)
Scythe by Neal Shusterman(10506)
