Desmond  Gerber

Desmond Gerber


How to Simplify Kubernetes Ingress and Egress Traffic Management

One of the ways a  service mesh can actually make it more complicated to manage a  Kubernetes environment is when it must be configured separately from the  Ingress controller. Separate configurations aren’t just time‑consuming, either. They increase the probability of configuration errors that can prevent proper traffic routing and even lead to security vulnerabilities (like bad actors gaining access to restricted apps) and poor experiences (like customers not being able to access apps they’re authorized for). Beyond the time it takes to perform separate configurations, you end up spending more time troubleshooting errors.

You can avoid these problems – and save time – by integrating  NGINX Plus Ingress Controller with  NGINX Service Mesh to control both ingress and egress mTLS traffic. In this video demo, we cover the complete steps.

Supporting documentation is referenced in the following sections:

  • Prerequisites
  • Deploying NGINX Plus Ingress Controller with NGINX Service Mesh
  • Using a Standard Kubernetes Ingress Resource to Expose the App
  • Using an NGINX VirtualServer Resource to Expose the App
  • Configuring a Secure Egress Route with NGINX Ingress Controller

Prerequisites (0:18)

Before starting the actual demo, we performed these prerequisites:

  1. Installed the  NGINX Server Mesh control plane in the Kubernetes cluster and  set up mTLS and the strict policy for the service mesh.
  2. Installed  NGINX Ingress Controller as a Deployment (rather than a DaemonSet) in the Kubernetes cluster,  enabled egress, and  exposed it as a service of type LoadBalancer.
  3. Followed our  instructions to download the sample bookinfo app, inject the NGINX Service Mesh sidecar, and deploy the app.

#blog #tech #microservices #service mesh

How to Simplify Kubernetes Ingress and Egress Traffic Management