Fury Kubernetes Ingress

Our ingress module makes use of CNCF recommended, Cloud Native projects, such as Ingress nginx that acts an ingress controller using the well knonw nginx server as a URL path based routing reverse proxy and load balancer, and cert-manager to automate the management and issuance of TLS certificates from various issuing sources that will ensure certificates are valid and renew them before expiry. The module also includes packages to enable LDAP authentication to services and Forecastle as a global directory to have quick access to all the services offered by your cluster.

Thanks to the components in the Fury Kubernetes Ingress module, you can be confident that the entrypoint to your services is stable, performant and secure.

Supported Platforms

The Fury Kubernetes Ingress module can be deployed on the following platforms:

  • AWS (no additional configuration required)
  • Google Kubernetes Engine (GKE) - (nginx-gke specific package)
  • Azure Kubernetes Service (AKS) - (no additional configuration required)
  • on-premises or unmanaged cloud clusters (no additional configuration required)

Architecture

The reference architecture used to deploy the Fury Kubernetes Ingress Module is shown in the following figure:

Ingress Architecture

The traffic from end users arrives to a Load Balancer that distributes the traffic between the available Ingress Controllers (usually, one for each availability zone). Once the traffic reaches the Ingress Controller, the Ingress proxies the traffic to the service based on the URL path of the request. The service is a Kubernetes abstraction that makes the traffic arrive to the PODs where the actual application is running.

Ingress Packages

Package Description
cert-manager cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources
forecastle  Forecastle gives you access to a dashboard where you can see your defined ingresses and access them easily
nginx The nginx Ingress Controller for Kubernetes provides delivery services for Kubernetes applications
dual-nginx It deploys two identical nginx ingress controllers but with two different scopes: one to serve public/external traffic and one to serve private/internal traffic
nginx-ldap-auth This package provides HTTP authentication to your ingresses using an LDAP backend
nginx-gke This package is the Ingress Controller for Google Kubernetes Engine (GKE) clusters

Deploy

Getting traffic into your cluster


Last modified 19.05.2020: Fixing typos (d65a551)