Author : HASSAN MD TAREQ | Updated : 2021/05/05
Application Gateway Ingress Controller?
- Application Gateway Ingress Controller (AGIC) is a combination of K8s ingress controller and Azure Application Gateway. Combindly they provide K8s ingress (http/https traffic to K8s services)
- AGIC eliminates need for multiple load balancers (uses single load balancer)
- AGIC provides url routing for internet or intranet applications using single public IP address
- Azure Application Gateway provides SSL termication, WAF etc.
How Does AGIC Work?
- When ingress is enabled in AKS, K8s ingress controller is deployed to AKS cluster as Pod
- Based on the ingress rules specified (in ingress manifest file), AGIC will instruct Azure Resource Manager (ARM)
- ARM will deploy Azure Application Gateway and configure it accordingly so that traffic is routed to K8s services properly
- AGIC monitors a subset of Kubernetes Resources for changes and te state of the AKS cluster is translated to Application Gateway specific configuration and applied to ARM
Enabling Ingress in AKS
- AKS Add-on (Azure portal)
- Helm deployment
helm repo add application-gateway-kubernetes-ingress https://appgwingress.blob.core.windows.net/ingress-azure-helm-package/
Enable ingress in Azure portal (AKS Add-on)
- Azure portal > AKS
- Settings: Networking > Enable ingress controller
- Select existing ‘Application gateway’ or new ‘Application gateway’ will be provisioned
Creating A Basic Ingress
Check K8s api versions (to use in manifest files)