LoadBalancing with external hosts (from outside the K8s cluster)

So, we can configure in K8s service type ExternalName, e.g.:

kind: Service
apiVersion: v1
metadata:
  name: my-host1-com-kong-api-service
  annotations:
    kubernetes.io/ingress.class: "ingress-kong"
    konghq.com/protocol: https
    konghq.com/path: "/API/"
spec:
  type: ExternalName
  externalName: my.host1.com

and get it working together with kong ingress:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: service-api-com-ingress-kong
  annotations:
    kubernetes.io/ingress.class: "ingress-kong"
    konghq.com/protocol: https
    konghq.com/plugins: jwt-validate-plugin
spec:
  rules:
  - host: service-api.com
    http:
      paths:
      - backend:
          serviceName: my-host1-com-kong-api-service
          servicePort: 443

It’s simple.

But is any possibility to include second external host (e.g. my.host2.com) and do LB between my.host1.com and my.host2.com hosts by kong ingress? Maybe by creating second externalName service and…?

Not that I can think of, no. This is traditionally handled through Kong upstreams, and the controller doesn’t provide any way to manage those directly (they and their endpoints are normally set up automatically based on the available pods for a Kubernetes service).

If you’re using a database, you can manually create configuration, in which case you’d add the different hostnames as targets. However, the controller won’t be able to manage anything associated with that (you’ll need to create the route and service, along with any plugins applied to them, by hand).

Because of the additional requirements and limitations with manual configuration, I’d recommend seeing if you can find a third-party DNS balancer that can aggregate records from both hostnames.

It’s DB-less instance.
Maybe it can be achieved with KongIngres CRD?
I am not sure if this is possible.
Can LB be achieved with hosts outside the cluster using KongIngress CRD (as I understand, then the K8s service would not be used?)

No–the KongIngress settings allow you to control the behavior of the load balancer (healthcheck frequency and such), but not which targets are created. Target information is only sourced from the service information in Kubernetes, which for ExternalNames, is a single external hostname.

OK, thanks for the quick reply.


© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ