KB
Uploaded byKatherine Bagood
683 views

Kubernetes and the NGINX Plus Ingress Controller

This document summarizes a Tech Talk presentation about using NGINX as an ingress controller and load balancer for Kubernetes applications. It discusses different architectures for deploying NGINX, including using it as a proxy, router mesh, or in a fabric model. It also covers benefits of Kubernetes, examples of basic and advanced ingress resource configurations, and deploying NGINX Plus as an ingress controller. The presentation includes a demo of a cafe application to demonstrate URL and hostname-based routing with SSL termination at the load balancer.

Downloaded 34 times
Welcome to Tech Talks! Atlanta, Georgia Roger Cheeks May 2, 2018
Empowers the creators of the new Digital Worlds
4 High Performance Webserver and Reverse Proxy Web Server
5 Flawless Application Delivery for the Modern Web Load Balancer Content Cache Web Server Monitoring & Management Security Controls
NGINX Application Platform 6 A suite of technologies to develop and deliver digital experiences that span from legacy, monolithic apps to modern, microservices apps.
Monolith ● The way we’ve been doing things ● Single codebase ● Long deployment process ○ Testing dependencies ○ Rolling restarts of servers ○ Traffic rerouting
NGINX for Microservices 8 NGINX helps ensure microservices are: • Connected • Served • Authenticated • Secured • Cached • Load Balanced • Scaled
Proxy Model ● Load Balances requests to services ● Analogous to connectivity for a horizontally scaled monolith ● Services are left to communicate with each other ● Acts as an entry point for monolith migration ● Lays the foundation for building a service mesh
Router Mesh ● Standalone NGINX Plus instance which acts as a traffic manager ● Provides service discovery via DNS SRV records ● Load balances to instances of services ● NGINX Plus provides active health checks allowing for circuit breaker functionality
Fabric Model ● NGINX Plus exists as a sidecar within the same container as the service ● NGINX Plus and the app communicate only on localhost ● Instances of NGINX Plus communicate directly with each other ● Incorporates all the features of the Router Mesh and adds persistent SSL connections
Persistent SSL Connections ● An SSL handshake requires as few as seven steps or as many as 10 ● NGINX Plus uses a keepalive mechanism to persist connections between instances ● The number of handshakes is greatly reduced, thereby decreasing overall latency while maintaining encrypted transmission 1 SYN > 2 < SYN/ACK 3 ACK > 4 ClientHello > 5 < ServerHello < Certificate < ServerKeyExchange < ServerHelloDone 6 ClientKeyExchange > ChangeCipherSpec >ClientFinished > 7 < ChangeCipherSpec < ServerFinished
The Migration Path
Benefits of Kubernetes
15 Kubernetes is system for automating deployment, scaling, and management of containerized applications
Kubernetes makes ops easy… • Run anywhere • Rolling updates • Fault Tolerant • Horizontally scalable • Simple Load Balancing • YAML… and more! 16
17 • Limited to layer 4 only load balancing • Round robin only • No security features • No persistence, SNI, or other advanced features • Production Applications need advanced load balancing consider using an Ingress controller so you can bring your own! Built-in simple load balancing
Why use an Ingress?
19 Ingress • Kubernetes resource • Benefits • Externally reachable URLs • Advanced L7 Load Balancing • SSL/TLS • SNI (hostname based routing) • Security features
20 Ingress Example – Basic
21 Ingress Example – URL based routing
22 Ingress Example – Host based routing
23 Ingress Example – SSL offloading
Deploying NGINX Plus as an Ingress Controller
NGINX Plus 25 NGINX Plus • Load balancing w/ SSL/TLS termination • WebSocket and HTTP/2 support • Layer 7 Routing / Modification • Session persistence • JWT authentication • 24/7 support, no additional cost • Advanced Monitoring… and more!
26 NGINX Plus Ingress Controller • Runs in a container • Well designed, fast and efficient golang script under the hood • Community driven codebase • Available for NGINX and NGINX Plus https://github.com/nginxinc/kubernetes-ingress
27 NGINX Plus Ingress Controller
Configuring NGINX Plus without Ingress
29 Data store + template • Register services with a data store (aka etcd or consul) • Template the NGINX configuration and manage NGINX service via CLI (confd or consul template) datastore Services (containers) NGINX Open Source
30 We love APIs! • Services availability is managed by kubernetes and available via API • Orchestration script can be in any language • NGINX Plus upstreams managed dynamically without configuration reload Services (containers) NGINX Plus API Kubernetes API Orchestration (script)
31 Service Discovery ;D • Built in DNS resolver • Control over TTL • Easily Integrates with existing DNS based service discovery tools
32 My demo today… • URL based routing • Hostname based routing • SSL termination at LB • Support for scaling of replicas at LB via dynamic reconfiguration • Available on github within the Ingress Controller repository ../examples/complete-example/
33 Café Simulation • Café themed application • Two services (URL routing) ◦ /Tea ◦ /Coffee
Demo
Get a NGINX Plus developer license now! Link: https://www.nginx.com/developer-license PW: k8sontop18
Roger Cheeks roger.cheeks@nginx.com Thank You! Learn more at nginx.com

More Related Content

PPTX
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
byKatherine Bagood
 
PDF
Microservices with NGINX pdf
byKatherine Bagood
 
PDF
Relevez les défis Kubernetes avec NGINX
byNGINX, Inc.
 
PPTX
NGINX Controller: Configuration, Management, and Troubleshooting at Scale
byNGINX, Inc.
 
PPTX
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
PDF
NGINX DevSecOps Workshop
byNGINX, Inc.
 
PPTX
Migrating from BIG-IP Deployment to NGINX ADC
byNGINX, Inc.
 
PDF
Using NGINX and NGINX Plus as a Kubernetes Ingress
byKevin Jones
 
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
byKatherine Bagood
 
Microservices with NGINX pdf
byKatherine Bagood
 
Relevez les défis Kubernetes avec NGINX
byNGINX, Inc.
 
NGINX Controller: Configuration, Management, and Troubleshooting at Scale
byNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
NGINX DevSecOps Workshop
byNGINX, Inc.
 
Migrating from BIG-IP Deployment to NGINX ADC
byNGINX, Inc.
 
Using NGINX and NGINX Plus as a Kubernetes Ingress
byKevin Jones
 

What's hot

PPTX
NGINX Basics and Best Practices Workshop
byNGINX, Inc.
 
PDF
NGINX Microservices Reference Architecture: What’s in Store for 2019 – EMEA
byNGINX, Inc.
 
PDF
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
PDF
API Gateway Use Cases​ for Kubernetes​
byNGINX, Inc.
 
PDF
Achieve Full API Lifecycle Management Using NGINX Controller – EMEA
byNGINX, Inc.
 
PPTX
Achieve Full API Lifecycle Management Using NGINX Controller
byNGINX, Inc.
 
PDF
From Code to Customer with F5 and NGNX London Nov 19
byNGINX, Inc.
 
PPTX
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
byOlivia LaMar
 
PPTX
Simplify Microservices with the NGINX Application Platform
byNGINX, Inc.
 
PPTX
NGINX, Istio, and the Move to Microservices and Service Mesh
byNGINX, Inc.
 
PPTX
NGINX Basics: Ask Me Anything – EMEA
byNGINX, Inc.
 
PDF
Kubernetes Networking
byNGINX, Inc.
 
PPTX
Using an API Gateway for Microservices (APAC Webinar)
byNGINX, Inc.
 
PPTX
Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...
byNGINX, Inc.
 
PDF
Nim tames sprawl
byNGINX, Inc.
 
PPTX
Accélérez vos déploiements applicatifs avec NGINX Controller
byNGINX, Inc.
 
PDF
NGINX Plus R19 : EMEA
byNGINX, Inc.
 
PPTX
NGINX Microservices Reference Architecture: Ask Me Anything
byNGINX, Inc.
 
PDF
Simplify Microservices with the NGINX Application Platform - EMEA
byNGINX, Inc.
 
PPTX
NGINX Plus R20 Webinar EMEA
byNGINX, Inc.
 
NGINX Basics and Best Practices Workshop
byNGINX, Inc.
 
NGINX Microservices Reference Architecture: What’s in Store for 2019 – EMEA
byNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
API Gateway Use Cases​ for Kubernetes​
byNGINX, Inc.
 
Achieve Full API Lifecycle Management Using NGINX Controller – EMEA
byNGINX, Inc.
 
Achieve Full API Lifecycle Management Using NGINX Controller
byNGINX, Inc.
 
From Code to Customer with F5 and NGNX London Nov 19
byNGINX, Inc.
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
byOlivia LaMar
 
Simplify Microservices with the NGINX Application Platform
byNGINX, Inc.
 
NGINX, Istio, and the Move to Microservices and Service Mesh
byNGINX, Inc.
 
NGINX Basics: Ask Me Anything – EMEA
byNGINX, Inc.
 
Kubernetes Networking
byNGINX, Inc.
 
Using an API Gateway for Microservices (APAC Webinar)
byNGINX, Inc.
 
Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...
byNGINX, Inc.
 
Nim tames sprawl
byNGINX, Inc.
 
Accélérez vos déploiements applicatifs avec NGINX Controller
byNGINX, Inc.
 
NGINX Plus R19 : EMEA
byNGINX, Inc.
 
NGINX Microservices Reference Architecture: Ask Me Anything
byNGINX, Inc.
 
Simplify Microservices with the NGINX Application Platform - EMEA
byNGINX, Inc.
 
NGINX Plus R20 Webinar EMEA
byNGINX, Inc.
 

Similar to Kubernetes and the NGINX Plus Ingress Controller

PPTX
NGINX Kubernetes Ingress Controller: Getting Started – EMEA
byAine Long
 
PPTX
Flawless Application Delivery with NGINX Plus
byPeter Guagenti
 
PDF
Securing Your Apps & APIs in the Cloud
byOlivia LaMar
 
PDF
Load Balancing Applications on Kubernetes with NGINX
byAine Long
 
PPTX
Scale your application to new heights with NGINX and AWS
byNGINX, Inc.
 
PPTX
What's New in NGINX Plus R7?
byNGINX, Inc.
 
PPTX
Deploying NGINX Plus & Kubernetes on Google Cloud Platform
byNGINX, Inc.
 
PDF
What’s New in NGINX Plus R16? – EMEA
byNGINX, Inc.
 
PDF
NGINX: The Past, Present and Future of the Modern Web
byKevin Jones
 
PDF
ITB2017 - Nginx ppf intothebox_2017
byOrtus Solutions, Corp
 
PPTX
The 3 Models in the NGINX Microservices Reference Architecture
byNGINX, Inc.
 
PPTX
Building a Secure, Performant Network Fabric for Microservice Applications
byinovia
 
PPTX
What's New in NGINX Plus R10?
byNGINX, Inc.
 
PPTX
MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
byNGINX, Inc.
 
PDF
Complete-NGINX-Cookbook-2019.pdf
byTomaszWojciechowski22
 
PPTX
Accelerating Your Web Application with NGINX
byKevin Jones
 
PPTX
What’s New in NGINX Plus R16?
byNGINX, Inc.
 
PPTX
What's New in NGINX Plus R8
byNGINX, Inc.
 
PPTX
What's new in NGINX Plus R9
byNGINX, Inc.
 
PPTX
What's new in NGINX Plus R19
byNGINX, Inc.
 
NGINX Kubernetes Ingress Controller: Getting Started – EMEA
byAine Long
 
Flawless Application Delivery with NGINX Plus
byPeter Guagenti
 
Securing Your Apps & APIs in the Cloud
byOlivia LaMar
 
Load Balancing Applications on Kubernetes with NGINX
byAine Long
 
Scale your application to new heights with NGINX and AWS
byNGINX, Inc.
 
What's New in NGINX Plus R7?
byNGINX, Inc.
 
Deploying NGINX Plus & Kubernetes on Google Cloud Platform
byNGINX, Inc.
 
What’s New in NGINX Plus R16? – EMEA
byNGINX, Inc.
 
NGINX: The Past, Present and Future of the Modern Web
byKevin Jones
 
ITB2017 - Nginx ppf intothebox_2017
byOrtus Solutions, Corp
 
The 3 Models in the NGINX Microservices Reference Architecture
byNGINX, Inc.
 
Building a Secure, Performant Network Fabric for Microservice Applications
byinovia
 
What's New in NGINX Plus R10?
byNGINX, Inc.
 
MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
byNGINX, Inc.
 
Complete-NGINX-Cookbook-2019.pdf
byTomaszWojciechowski22
 
Accelerating Your Web Application with NGINX
byKevin Jones
 
What’s New in NGINX Plus R16?
byNGINX, Inc.
 
What's New in NGINX Plus R8
byNGINX, Inc.
 
What's new in NGINX Plus R9
byNGINX, Inc.
 
What's new in NGINX Plus R19
byNGINX, Inc.
 

Recently uploaded

PDF
Streamline complex activities with AI PCs featuring AMD Ryzen processors
byPrincipled Technologies
 
PDF
Transcript: Embedding sustainability: Tips for ebook and print production - T...
byBookNet Canada
 
DOCX
Formula 3 - MACO using general limit.docx
byMarkus Janssen
 
PDF
The State of Adventure Capital - Grant Gregory | Cantos
byRazin Mustafiz
 
PDF
Immer vorne mit dabei sein - Roaming leicht gemacht
bypanagenda
 
PPTX
UiPath Automation Suite_Community Session_3/3
bysuhanisingh58689
 
PDF
Dev Dives: Unlocking Enterprise Data with UiPath Data Fabric
byUiPathCommunity
 
DOCX
Formula 2 - APIC HBEL general calculation.docx
byMarkus Janssen
 
PPTX
UiPath Data Fabric From Data Silos to Unified Flows.pptx
bysuhanisingh58689
 
PDF
Embedding sustainability: Tips for ebook and print production - Tech Forum 2025
byBookNet Canada
 
PDF
FME Realize in the Real World - The Power of Spatial Computing in Action
bySafe Software
 
PPTX
ScalaF: Functional Refactoring and Automated Code Transformations
byhelloshrikha
 
PDF
Ready, set, go: Pre-fall sales trends and data-driven insights - Tech Forum 2025
byBookNet Canada
 
PDF
Spec Driven Development with Kiro: Ensuring Quality and Traceability in the A...
byHaim Michael
 
PPTX
Taming Time in PHP: Best Practices and Gotchas at Longhorn PHP 2025
byScott Keck-Warren
 
PPTX
Stop Worrying, Start Wiring: Azure Serverless for the AI Era
byMuralidharan Deenathayalan
 
PDF
Staying Ahead of the Curve - Roaming Just Got Easier
bypanagenda
 
PDF
Integrare AI e Automazione con UiPath Agent Builder
byUiPathCommunity
 
PDF
AI Demands More: Help Ensure Network Readiness With ThousandEyes
byThousandEyes
 
PPTX
Building Smarter Integrations with MuleSoft_ MCP Server and Cursor in Action ...
byKunal Gupta
 
Streamline complex activities with AI PCs featuring AMD Ryzen processors
byPrincipled Technologies
 
Transcript: Embedding sustainability: Tips for ebook and print production - T...
byBookNet Canada
 
Formula 3 - MACO using general limit.docx
byMarkus Janssen
 
The State of Adventure Capital - Grant Gregory | Cantos
byRazin Mustafiz
 
Immer vorne mit dabei sein - Roaming leicht gemacht
bypanagenda
 
UiPath Automation Suite_Community Session_3/3
bysuhanisingh58689
 
Dev Dives: Unlocking Enterprise Data with UiPath Data Fabric
byUiPathCommunity
 
Formula 2 - APIC HBEL general calculation.docx
byMarkus Janssen
 
UiPath Data Fabric From Data Silos to Unified Flows.pptx
bysuhanisingh58689
 
Embedding sustainability: Tips for ebook and print production - Tech Forum 2025
byBookNet Canada
 
FME Realize in the Real World - The Power of Spatial Computing in Action
bySafe Software
 
ScalaF: Functional Refactoring and Automated Code Transformations
byhelloshrikha
 
Ready, set, go: Pre-fall sales trends and data-driven insights - Tech Forum 2025
byBookNet Canada
 
Spec Driven Development with Kiro: Ensuring Quality and Traceability in the A...
byHaim Michael
 
Taming Time in PHP: Best Practices and Gotchas at Longhorn PHP 2025
byScott Keck-Warren
 
Stop Worrying, Start Wiring: Azure Serverless for the AI Era
byMuralidharan Deenathayalan
 
Staying Ahead of the Curve - Roaming Just Got Easier
bypanagenda
 
Integrare AI e Automazione con UiPath Agent Builder
byUiPathCommunity
 
AI Demands More: Help Ensure Network Readiness With ThousandEyes
byThousandEyes
 
Building Smarter Integrations with MuleSoft_ MCP Server and Cursor in Action ...
byKunal Gupta
 

Kubernetes and the NGINX Plus Ingress Controller

  • 1.
    Welcome to TechTalks! Atlanta, Georgia Roger Cheeks May 2, 2018
  • 2.
    Empowers the creatorsof the new Digital Worlds
  • 4.
    4 High Performance Webserverand Reverse Proxy Web Server
  • 5.
    5 Flawless Application Deliveryfor the Modern Web Load Balancer Content Cache Web Server Monitoring & Management Security Controls
  • 6.
    NGINX Application Platform 6 A suite of technologiesto develop and deliver digital experiences that span from legacy, monolithic apps to modern, microservices apps.
  • 7.
    Monolith ● The waywe’ve been doing things ● Single codebase ● Long deployment process ○ Testing dependencies ○ Rolling restarts of servers ○ Traffic rerouting
  • 8.
    NGINX for Microservices 8 NGINXhelps ensure microservices are: • Connected • Served • Authenticated • Secured • Cached • Load Balanced • Scaled
  • 9.
    Proxy Model ● LoadBalances requests to services ● Analogous to connectivity for a horizontally scaled monolith ● Services are left to communicate with each other ● Acts as an entry point for monolith migration ● Lays the foundation for building a service mesh
  • 10.
    Router Mesh ● StandaloneNGINX Plus instance which acts as a traffic manager ● Provides service discovery via DNS SRV records ● Load balances to instances of services ● NGINX Plus provides active health checks allowing for circuit breaker functionality
  • 11.
    Fabric Model ● NGINXPlus exists as a sidecar within the same container as the service ● NGINX Plus and the app communicate only on localhost ● Instances of NGINX Plus communicate directly with each other ● Incorporates all the features of the Router Mesh and adds persistent SSL connections
  • 12.
    Persistent SSL Connections ●An SSL handshake requires as few as seven steps or as many as 10 ● NGINX Plus uses a keepalive mechanism to persist connections between instances ● The number of handshakes is greatly reduced, thereby decreasing overall latency while maintaining encrypted transmission 1 SYN > 2 < SYN/ACK 3 ACK > 4 ClientHello > 5 < ServerHello < Certificate < ServerKeyExchange < ServerHelloDone 6 ClientKeyExchange > ChangeCipherSpec >ClientFinished > 7 < ChangeCipherSpec < ServerFinished
  • 13.
  • 14.
  • 15.
    15 Kubernetes is systemfor automating deployment, scaling, and management of containerized applications
  • 16.
    Kubernetes makes opseasy… • Run anywhere • Rolling updates • Fault Tolerant • Horizontally scalable • Simple Load Balancing • YAML… and more! 16
  • 17.
    17 • Limited tolayer 4 only load balancing • Round robin only • No security features • No persistence, SNI, or other advanced features • Production Applications need advanced load balancing consider using an Ingress controller so you can bring your own! Built-in simple load balancing
  • 18.
    Why use anIngress?
  • 19.
    19 Ingress • Kubernetes resource •Benefits • Externally reachable URLs • Advanced L7 Load Balancing • SSL/TLS • SNI (hostname based routing) • Security features
  • 20.
  • 21.
    21 Ingress Example –URL based routing
  • 22.
    22 Ingress Example –Host based routing
  • 23.
    23 Ingress Example –SSL offloading
  • 24.
    Deploying NGINX Plusas an Ingress Controller
  • 25.
    NGINX Plus 25 NGINX Plus •Load balancing w/ SSL/TLS termination • WebSocket and HTTP/2 support • Layer 7 Routing / Modification • Session persistence • JWT authentication • 24/7 support, no additional cost • Advanced Monitoring… and more!
  • 26.
    26 NGINX Plus IngressController • Runs in a container • Well designed, fast and efficient golang script under the hood • Community driven codebase • Available for NGINX and NGINX Plus https://github.com/nginxinc/kubernetes-ingress
  • 27.
  • 28.
    Configuring NGINX Pluswithout Ingress
  • 29.
    29 Data store +template • Register services with a data store (aka etcd or consul) • Template the NGINX configuration and manage NGINX service via CLI (confd or consul template) datastore Services (containers) NGINX Open Source
  • 30.
    30 We love APIs! •Services availability is managed by kubernetes and available via API • Orchestration script can be in any language • NGINX Plus upstreams managed dynamically without configuration reload Services (containers) NGINX Plus API Kubernetes API Orchestration (script)
  • 31.
    31 Service Discovery ;D •Built in DNS resolver • Control over TTL • Easily Integrates with existing DNS based service discovery tools
  • 32.
    32 My demo today… •URL based routing • Hostname based routing • SSL termination at LB • Support for scaling of replicas at LB via dynamic reconfiguration • Available on github within the Ingress Controller repository ../examples/complete-example/
  • 33.
    33 Café Simulation • Caféthemed application • Two services (URL routing) ◦ /Tea ◦ /Coffee
  • 34.
  • 35.
    Get a NGINXPlus developer license now! Link: https://www.nginx.com/developer-license PW: k8sontop18
  • 36.