Use an Ingress to enable external access to applications on a virtual node

Prerequisites

A virtual node is deployed in your ACK cluster. For more information, see Deploy ack-virtual-node in an ACK cluster.

The virtual-node-affinity-injection: enabled label is added to the namespace vk. For more information, see Create a pod in a namespace with specified labels.

Procedure

1. Log on to the Container Service for Kubernetes (ACK) console.
2. In the left-side navigation pane of the ACK console, click Clusters.
3. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
4. In the left-side navigation pane of the details page, choose Workloads > Deployments.
5. On the Workload page, click the Deployments tab. In the upper-right corner of the Deployments tab, click Create from Template.
6. Select a sample template or customize a template, and click Create.
   

   You can use the following YAML template to create applications and required resource objects for external access:

   apiVersion: extensions/v1beta1
   kind: Deployment
   metadata:
     name: coffee
   spec:
     replicas: 2
     selector:
       matchLabels:
         app: coffee
     template:
       metadata:
         labels:
           app: coffee
       spec:
         containers:
         - name: coffee
           image: nginxdemos/hello:plain-text
           ports:
           - containerPort: 80
   ---
   apiVersion: v1
   kind: Service
   metadata:
     name: coffee-svc
   spec:
     ports:
     - port: 80
       targetPort: 80
       protocol: TCP
     selector:
       app: coffee
     clusterIP: None
   ---
   apiVersion: extensions/v1beta1
   kind: Deployment
   metadata:
     name: tea
   spec:
     replicas: 3
     selector:
       matchLabels:
         app: tea
     template:
       metadata:
         labels:
           app: tea
       spec:
         containers:
         - name: tea
           image: nginxdemos/hello:plain-text
           ports:
           - containerPort: 80
   ---
   apiVersion: v1
   kind: Service
   metadata:
     name: tea-svc
     labels:
   spec:
     ports:
     - port: 80
       targetPort: 80
       protocol: TCP
     selector:
       app: tea
     clusterIP: None
   ---
   apiVersion: extensions/v1beta1
   kind: Ingress
   metadata:
     name: cafe-ingress
   spec:
     rules:
     - host: cafe.example.com
       http:
         paths:
         - path: /tea
           backend:
             serviceName: tea-svc
             servicePort: 80
         - path: /coffee
           backend:
             serviceName: coffee-svc
             servicePort: 80

Verify the results

• Go to the Workload page and click the Deployments tab. On the Deployments tab, you can find the newly created Deployments that are named coffee and tea.
• Go to the Workload page and click the Pods tab. On the Pods tab, you can find that all pods of the created Deployments run on the virtual-kubelet node.
• On the details page of the cluster, click Ingresses in the left-side navigation pane. On the Ingresses page, you can find the newly created Ingress.
• Run the following command to check whether you can access the applications through the Ingress:

  kubectl  get ing

  Expected output:

  NAME           HOSTS              ADDRESS          PORTS   AGE
  cafe-ingress   cafe.example.com   114.55.252.185   80      6m18s

  curl -H "Host:cafe.example.com" <EXTERNAL_IP>/tea

  Expected output:

  Server address: 192.168.xx.xx:80
  Server name: tea-658d56f6cc-cxxxx
  Date: 25/Sep/2020:12:36:50 +0000
  URI: /tea
  Request ID: b01d5bab9ae07abb8bc385377193xxxx

  curl -H "Host:cafe.example.com" <EXTERNAL_IP>/coffee

  Expected output:

  Server address: 192.168.xx.xx:80
  Server name: coffee-8c8ff9b4f-hxxxx
  Date: 25/Sep/2020:12:36:47 +0000
  URI: /coffee
  Request ID: 722fe41a65a7fb552613c56e0a9axxxx