Warning
This content has been generated by machine translation. The translations are automated and have not undergone human review or validation.
4.1.3 Host based routing in NGINX Ingress Controller (feat. OCI DNS)
See how the Ingress Controller uses OCI DNS for routing based on domain names.
Using OCI DNS service
This is the process of setting up a domain name that has already been purchased. For testing freenom I used the free Domain Name (thekoguryo.ml) issued by the site.
OCI DNS service settings
Log in to the OCI console.
From the top left hamburger menu, go to Networking > DNS Management > Zones.
Click Create Zone
Enter creation information
Zone is created based on the domain name used.
METHOD: Manual
ZONE NAME: Enter your domain name
COMPARTMENT: the target Compartment to create
ZONE TYPE: Primary
NS type and SOA type records are created inside Zone. NS is name server record, SOA is permission start record. Click Add Record.
Enter and submit the records to be added.
Record Type: A - IPv4 Address
NAME: *.ingress
- Enter the subdomain name to be used by the ingress controller in wildcard format.
TTL: 300, click the lock on the right to unlock and enter the TTL value
RDATA MODE: Basic
ADDRESS: IP to be mapped, here, input IP of Load Balancer of nginx ingress controller created earlier
Click Publish Change to reflect
When the confirmation window appears, click Publish Change once more
Complete Add Record and Reflect
Copy all name server addresses of type NS in the record.
Set on the domain name provider side
Now you need to set up the domain name on the site where you purchased it. The process below is for setting the freenom standard. Set up in a similar way on the site where you purchased it.
Access the freenom site and click Manage Domain to the right of the domain name to be used in My Domain
Select Management Tools > Nameservers above, then select Use custom nameservers (enter below).
After entering the name server addresses that you copied earlier in OCI DNS Zone, click Change Nameservers
DNS Test
Test the DNS registered with the nslookup tool. You can see that it is well registered.
C:\>nslookup *.ingress.thekoguryo.ml Server: kns.kornet.net Address: 168.126.63.1 Unauthorized response: Name: *.ingress.thekoguryo.ml Address: 132.226.225.240
HOST based routing test
This is a case where the routing service is different according to the HOST name.
Deploy the sample app for testing. Use the same app you used for PATH-based routing.
Deploy two web pages with different background colors.
kubectl create deployment nginx-blue --image=thekoguryo/nginx-hello:blue kubectl expose deployment nginx-blue --name nginx-blue-svc --port 80 kubectl create deployment nginx-green --image=thekoguryo/nginx-hello:green kubectl expose deployment nginx-green --name nginx-green-svc --port 80
Write the ingress setup YAML (
host-basic.yaml
).- blue.ingress.thekoguryo.ml requests are routed to nginx-blue-svc
- green.ingress.thekoguryo.ml requests are routed to nginx-green-svc
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: ingress-host-basic annotations: kubernetes.io/ingress.class: nginx spec: rules: - host: blue.ingress.thekoguryo.ml http: paths: - path: / pathType: Prefix backend: service: name: nginx-blue-svc port: number: 80 - host: green.ingress.thekoguryo.ml http: paths: - path: / pathType: Prefix backend: service: name: nginx-green-svc port: number: 80
Deploy the created
host-basic.yaml
.$ kubectl apply -f host-basic.yaml ingress.networking.k8s.io/ingress-host-basic created $ kubectl get ingress NAME CLASS HOSTS ADDRESS PORTS AGE ingress-host-basic <none> blue.ingress.thekoguryo.ml,green.ingress.thekoguryo.ml 80 6s
Connect to each host name applied in the ingress rule and check the result.
request blue.ingress.thekoguryo.ml
request green.ingress.thekoguryo.ml
You can see that the route is routed to the target service according to the FQDN of the connected host through the Load Balancer of the Ingress Controller registered in DNS with a wildcard address.
As an individual, this article was written with my personal time. There may be errors in the content of the article, and the opinions in the article are personal opinions.