"Navigating Kubernetes: Harnessing the Power of Namespace and Ingress for Efficient Application Management"
As containerization gains prominence in modern software development, Kubernetes has emerged as the go-to orchestrator for managing containerized applications at scale. Two essential components of Kubernetes, namespaces and ingress, play a crucial role in organizing and routing traffic to these applications. In this article, we delve into the significance of namespaces, which provide logical isolation, and explore the power of ingress controllers for efficiently managing external access to containerized services.
Namespaces provide a logical isolation mechanism within a Kubernetes cluster, allowing users to create multiple virtual clusters on the same physical infrastructure. By default, Kubernetes creates four namespaces:
defaults
default namespace for objects that don't have a specific namespacekube-system
This namespace hosts Kubernetes system components and infrastructure.kube-public
contains resources accessible to all users, even unauthenticated ones.kube-node-lease
It contains node leases that are used by the Kubernetes lease abstraction.
Use cases and scenarios for namespaces:
Use Case 1: Organizing Resources within Dedicated Namespaces
Scenario: A complex application with multiple deployments, replica sets, and services leads to clutter in the default namespace.
Solution: Create dedicated namespaces for different components or teams. For example, use the "DB" namespace for the database pod and related resources and separate namespaces for frontend and backend services. This ensures clear resource separation, simplifies troubleshooting, and promotes collaboration within teams.
Use Case 2: Avoiding Configuration Clashes and Overwriting Changes
Scenario: Simultaneous deployment by two teams with the same application name can result in conflicting configuration changes.
Solution: Deploy each team's application in separate namespaces. This prevents clashes and overwriting of configurations, allowing teams to work independently, test their changes, and ensure smooth progress without interference.
Viewing namespace:
kubectl get namespace
Setting up a namespace for a particular request
kubectl config set-context --current --namespace=<insert-namespace-name>
Creating a namespace:
kubectl create namespace <insert-namespace-name>
Ingress:
Ingress is a Kubernetes resource that acts as an entry point for external traffic to reach services within the cluster. It provides a flexible and customizable routing mechanism by defining rules for incoming HTTP and HTTPS traffic. Ingress simplifies the management of external access, enabling features like load balancing, SSL termination, and path-based routing.
Ingress Controller:
To utilize Kubernetes Ingress, you will need to deploy an Ingress Controller. You have a vast choice when it comes to choosing an ingress controller. Here is a list of all the ones that Kubernetes supports. The three most popular ingress controllers deployed on Kubernetes are:
Nginx
Traefik
HAProxy
Setting Up Kubernetes-Dashboard using Ingress in Minikube:
Install Kubernetes-Dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
Enable Access to the Dashboard
kubectl proxy
Check all the resources
kubectl get all -n kubernetes-dashboard
Install ingress controller
minikube addons enable ingress
Create ingress rule to access the dashboard, created a yaml file as given below
it can be changed as per the requirements
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: dashboard-ingress namespace: kubernetes-dashboard annotations: kubernetes.io/ingress.class: "nginx" spec: rules: - host: dashboard.com http: paths: - path: / pathType: Exact backend: service: name: kubernetes-dashboard port: number: 80
Wait for a little time and run the below command to get the IP address for
Kubernetes-Dashboard
kubectl get ingress -n Kubernetes-dashboard
Map the IP address to domain name by specifying the same in the /etc/hosts file
Ingress has a default backend so whenever a request is not mapped to any backend it will be redirected to the default backend, but we can define internal service for custom pages or error for custom pages by creating a service.yaml file
apiVersion: v1 Kind: Service metadata: name: default-http-backend spec: selector: app:default-response-app ports: - protocol:TCP port:80 targetPort:8080