This is what I define in k8s.yml file:
apiVersion: v1
kind: Service
metadata:
name: myservice
namespace: mynamespace
labels:
app: myservice
annotations:
service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
external-dns.alpha.kubernetes.io/hostname: "myservice."
spec:
selector:
app: myservice
type: LoadBalancer
ports:
- name: http
port: 8080
targetPort: 8080
protocol: TCP
Running this command:
kubectl describe service myservice
gives me the "LoadBalancer Ingress" like this:
Type: LoadBalancer IP:
25.0.162.225 LoadBalancer Ingress: internal-a9716e......us-west-2.elb.amazonaws.com
As I understand, the publishing type I'm using is "LoadBalancer" which helps me expose my Service to external IP address (refer https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/). And the Ingress is a different thing which sits in front of the Services and I didn't define it in my yml file. (refer: https://medium.com/google-cloud/kubernetes-nodeport-vs-loadbalancer-vs-ingress-when-should-i-use-what-922f010849e0) With the "LoadBalancer Ingress" I'm able to access my Service from outside the cluster, but I don't understand why it's called "LoadBalancer Ingress"? What does it have to do with Ingress? Or is it true that every load balancer is equipped with an Ingress for the Service exposing purpose?
Ingress is an abstract definition of what to expose and how. Usually refers to HTTP(S) traffic, but with some fiddling can also other modes/protocols..
Ingress Controller is a particular implementation that will realize your Ingress defined expectations using a specific piece of software. Be it Nginx, Traefik or some other solution, potentially dedicated to particular cloud provider.
They will use
Service
objects as means of finding what are the endpoints to use for specific traffing that reached them. It's of no consequence if this isheadless
,ClusterIP
,NodePort
orLoadBalancer
type of service.That said,
LoadBalancer
type service exposes your service on a, surprise, loadbalancer. Again, usually related to your cloud provider. It's a completely different way of exposing your service, as isNodePort
type.