What are the Advantages of using Kubernetes Ingress in Azure AKS
up vote
2
down vote
favorite
My understanding is that setting the Service
type to LoadBalancer
creates a new Azure Load Balancer and assigns an IP address to the Service
. Does this mean that I can have multiple Services using port 80? If the app behind my Service
(an ASP.NET Core app) can handle TLS and HTTPS why shouldn't I just use LoadBalancer
's for any Service
I want to expose to the internet?
what is the advantage of using an Ingress
if I don't care about TLS termination (You can let Cloudflare handle TLS termination)? If anything, it slows things down by adding an extra hop for every request.
azure kubernetes kubernetes-ingress azure-kubernetes azure-aks
add a comment |
up vote
2
down vote
favorite
My understanding is that setting the Service
type to LoadBalancer
creates a new Azure Load Balancer and assigns an IP address to the Service
. Does this mean that I can have multiple Services using port 80? If the app behind my Service
(an ASP.NET Core app) can handle TLS and HTTPS why shouldn't I just use LoadBalancer
's for any Service
I want to expose to the internet?
what is the advantage of using an Ingress
if I don't care about TLS termination (You can let Cloudflare handle TLS termination)? If anything, it slows things down by adding an extra hop for every request.
azure kubernetes kubernetes-ingress azure-kubernetes azure-aks
add a comment |
up vote
2
down vote
favorite
up vote
2
down vote
favorite
My understanding is that setting the Service
type to LoadBalancer
creates a new Azure Load Balancer and assigns an IP address to the Service
. Does this mean that I can have multiple Services using port 80? If the app behind my Service
(an ASP.NET Core app) can handle TLS and HTTPS why shouldn't I just use LoadBalancer
's for any Service
I want to expose to the internet?
what is the advantage of using an Ingress
if I don't care about TLS termination (You can let Cloudflare handle TLS termination)? If anything, it slows things down by adding an extra hop for every request.
azure kubernetes kubernetes-ingress azure-kubernetes azure-aks
My understanding is that setting the Service
type to LoadBalancer
creates a new Azure Load Balancer and assigns an IP address to the Service
. Does this mean that I can have multiple Services using port 80? If the app behind my Service
(an ASP.NET Core app) can handle TLS and HTTPS why shouldn't I just use LoadBalancer
's for any Service
I want to expose to the internet?
what is the advantage of using an Ingress
if I don't care about TLS termination (You can let Cloudflare handle TLS termination)? If anything, it slows things down by adding an extra hop for every request.
azure kubernetes kubernetes-ingress azure-kubernetes azure-aks
azure kubernetes kubernetes-ingress azure-kubernetes azure-aks
edited Nov 21 at 17:10
asked Nov 21 at 15:34
Muhammad Rehan Saeed
11.3k9107179
11.3k9107179
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
No, you cant have multiple services listening on port 80, as load balancer wont know where to route them (ingress will, however). If you can affort to host each service on different port you could use load balancer. alternatively, if you have public ip for each service and different backend port on each service you can achieve this.
quote: The protocol and port combination you entered matches another rule used by this load balancer. The protocol and port combination of each load balancing rule and inbound NAT rule on a load balancer must be unique.
again, if you are a developer, you probably do not realize how much more convenient it is to manage certificate on ingress, and not on all individual containers that are supposed to be accessible
But if the load balancer is a separate IP address, then in theory each can have it's own application on port 80. Could the load balancer route port 80 requests to Services on different ports?
– Muhammad Rehan Saeed
Nov 21 at 16:11
1
yeah, with different backend ports that would work
– 4c74356b41
Nov 21 at 16:47
I'm guessing the only downside might be cost, I'm not sure how the pricing works out or what you pay for? On the upside, you would not be paying for the compute power to run the ingress containers. BTW, I thinking that you could use Cloudflare to do TLS termination. I suspect that this is the fastest, cheapest compromise when it comes to using Kubernetes.
– Muhammad Rehan Saeed
Nov 21 at 17:12
nah, biggest downside is complexity. ip addresses cost almost nothing. managing certificates on different deployments would be a nightmare. and you'd have to code for that as well. makes no sense really
– 4c74356b41
Nov 21 at 17:14
In Azure, every service of typeLoadBalancer
gets a new PublicIP attached to the one Load Balancer created when the first service of this type is created. So it's perfectly possible to expose multiple services on the same port.
– alev
Nov 21 at 22:19
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
No, you cant have multiple services listening on port 80, as load balancer wont know where to route them (ingress will, however). If you can affort to host each service on different port you could use load balancer. alternatively, if you have public ip for each service and different backend port on each service you can achieve this.
quote: The protocol and port combination you entered matches another rule used by this load balancer. The protocol and port combination of each load balancing rule and inbound NAT rule on a load balancer must be unique.
again, if you are a developer, you probably do not realize how much more convenient it is to manage certificate on ingress, and not on all individual containers that are supposed to be accessible
But if the load balancer is a separate IP address, then in theory each can have it's own application on port 80. Could the load balancer route port 80 requests to Services on different ports?
– Muhammad Rehan Saeed
Nov 21 at 16:11
1
yeah, with different backend ports that would work
– 4c74356b41
Nov 21 at 16:47
I'm guessing the only downside might be cost, I'm not sure how the pricing works out or what you pay for? On the upside, you would not be paying for the compute power to run the ingress containers. BTW, I thinking that you could use Cloudflare to do TLS termination. I suspect that this is the fastest, cheapest compromise when it comes to using Kubernetes.
– Muhammad Rehan Saeed
Nov 21 at 17:12
nah, biggest downside is complexity. ip addresses cost almost nothing. managing certificates on different deployments would be a nightmare. and you'd have to code for that as well. makes no sense really
– 4c74356b41
Nov 21 at 17:14
In Azure, every service of typeLoadBalancer
gets a new PublicIP attached to the one Load Balancer created when the first service of this type is created. So it's perfectly possible to expose multiple services on the same port.
– alev
Nov 21 at 22:19
add a comment |
up vote
1
down vote
No, you cant have multiple services listening on port 80, as load balancer wont know where to route them (ingress will, however). If you can affort to host each service on different port you could use load balancer. alternatively, if you have public ip for each service and different backend port on each service you can achieve this.
quote: The protocol and port combination you entered matches another rule used by this load balancer. The protocol and port combination of each load balancing rule and inbound NAT rule on a load balancer must be unique.
again, if you are a developer, you probably do not realize how much more convenient it is to manage certificate on ingress, and not on all individual containers that are supposed to be accessible
But if the load balancer is a separate IP address, then in theory each can have it's own application on port 80. Could the load balancer route port 80 requests to Services on different ports?
– Muhammad Rehan Saeed
Nov 21 at 16:11
1
yeah, with different backend ports that would work
– 4c74356b41
Nov 21 at 16:47
I'm guessing the only downside might be cost, I'm not sure how the pricing works out or what you pay for? On the upside, you would not be paying for the compute power to run the ingress containers. BTW, I thinking that you could use Cloudflare to do TLS termination. I suspect that this is the fastest, cheapest compromise when it comes to using Kubernetes.
– Muhammad Rehan Saeed
Nov 21 at 17:12
nah, biggest downside is complexity. ip addresses cost almost nothing. managing certificates on different deployments would be a nightmare. and you'd have to code for that as well. makes no sense really
– 4c74356b41
Nov 21 at 17:14
In Azure, every service of typeLoadBalancer
gets a new PublicIP attached to the one Load Balancer created when the first service of this type is created. So it's perfectly possible to expose multiple services on the same port.
– alev
Nov 21 at 22:19
add a comment |
up vote
1
down vote
up vote
1
down vote
No, you cant have multiple services listening on port 80, as load balancer wont know where to route them (ingress will, however). If you can affort to host each service on different port you could use load balancer. alternatively, if you have public ip for each service and different backend port on each service you can achieve this.
quote: The protocol and port combination you entered matches another rule used by this load balancer. The protocol and port combination of each load balancing rule and inbound NAT rule on a load balancer must be unique.
again, if you are a developer, you probably do not realize how much more convenient it is to manage certificate on ingress, and not on all individual containers that are supposed to be accessible
No, you cant have multiple services listening on port 80, as load balancer wont know where to route them (ingress will, however). If you can affort to host each service on different port you could use load balancer. alternatively, if you have public ip for each service and different backend port on each service you can achieve this.
quote: The protocol and port combination you entered matches another rule used by this load balancer. The protocol and port combination of each load balancing rule and inbound NAT rule on a load balancer must be unique.
again, if you are a developer, you probably do not realize how much more convenient it is to manage certificate on ingress, and not on all individual containers that are supposed to be accessible
edited Nov 21 at 16:48
answered Nov 21 at 15:55
4c74356b41
23.2k32050
23.2k32050
But if the load balancer is a separate IP address, then in theory each can have it's own application on port 80. Could the load balancer route port 80 requests to Services on different ports?
– Muhammad Rehan Saeed
Nov 21 at 16:11
1
yeah, with different backend ports that would work
– 4c74356b41
Nov 21 at 16:47
I'm guessing the only downside might be cost, I'm not sure how the pricing works out or what you pay for? On the upside, you would not be paying for the compute power to run the ingress containers. BTW, I thinking that you could use Cloudflare to do TLS termination. I suspect that this is the fastest, cheapest compromise when it comes to using Kubernetes.
– Muhammad Rehan Saeed
Nov 21 at 17:12
nah, biggest downside is complexity. ip addresses cost almost nothing. managing certificates on different deployments would be a nightmare. and you'd have to code for that as well. makes no sense really
– 4c74356b41
Nov 21 at 17:14
In Azure, every service of typeLoadBalancer
gets a new PublicIP attached to the one Load Balancer created when the first service of this type is created. So it's perfectly possible to expose multiple services on the same port.
– alev
Nov 21 at 22:19
add a comment |
But if the load balancer is a separate IP address, then in theory each can have it's own application on port 80. Could the load balancer route port 80 requests to Services on different ports?
– Muhammad Rehan Saeed
Nov 21 at 16:11
1
yeah, with different backend ports that would work
– 4c74356b41
Nov 21 at 16:47
I'm guessing the only downside might be cost, I'm not sure how the pricing works out or what you pay for? On the upside, you would not be paying for the compute power to run the ingress containers. BTW, I thinking that you could use Cloudflare to do TLS termination. I suspect that this is the fastest, cheapest compromise when it comes to using Kubernetes.
– Muhammad Rehan Saeed
Nov 21 at 17:12
nah, biggest downside is complexity. ip addresses cost almost nothing. managing certificates on different deployments would be a nightmare. and you'd have to code for that as well. makes no sense really
– 4c74356b41
Nov 21 at 17:14
In Azure, every service of typeLoadBalancer
gets a new PublicIP attached to the one Load Balancer created when the first service of this type is created. So it's perfectly possible to expose multiple services on the same port.
– alev
Nov 21 at 22:19
But if the load balancer is a separate IP address, then in theory each can have it's own application on port 80. Could the load balancer route port 80 requests to Services on different ports?
– Muhammad Rehan Saeed
Nov 21 at 16:11
But if the load balancer is a separate IP address, then in theory each can have it's own application on port 80. Could the load balancer route port 80 requests to Services on different ports?
– Muhammad Rehan Saeed
Nov 21 at 16:11
1
1
yeah, with different backend ports that would work
– 4c74356b41
Nov 21 at 16:47
yeah, with different backend ports that would work
– 4c74356b41
Nov 21 at 16:47
I'm guessing the only downside might be cost, I'm not sure how the pricing works out or what you pay for? On the upside, you would not be paying for the compute power to run the ingress containers. BTW, I thinking that you could use Cloudflare to do TLS termination. I suspect that this is the fastest, cheapest compromise when it comes to using Kubernetes.
– Muhammad Rehan Saeed
Nov 21 at 17:12
I'm guessing the only downside might be cost, I'm not sure how the pricing works out or what you pay for? On the upside, you would not be paying for the compute power to run the ingress containers. BTW, I thinking that you could use Cloudflare to do TLS termination. I suspect that this is the fastest, cheapest compromise when it comes to using Kubernetes.
– Muhammad Rehan Saeed
Nov 21 at 17:12
nah, biggest downside is complexity. ip addresses cost almost nothing. managing certificates on different deployments would be a nightmare. and you'd have to code for that as well. makes no sense really
– 4c74356b41
Nov 21 at 17:14
nah, biggest downside is complexity. ip addresses cost almost nothing. managing certificates on different deployments would be a nightmare. and you'd have to code for that as well. makes no sense really
– 4c74356b41
Nov 21 at 17:14
In Azure, every service of type
LoadBalancer
gets a new PublicIP attached to the one Load Balancer created when the first service of this type is created. So it's perfectly possible to expose multiple services on the same port.– alev
Nov 21 at 22:19
In Azure, every service of type
LoadBalancer
gets a new PublicIP attached to the one Load Balancer created when the first service of this type is created. So it's perfectly possible to expose multiple services on the same port.– alev
Nov 21 at 22:19
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53415487%2fwhat-are-the-advantages-of-using-kubernetes-ingress-in-azure-aks%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown