Blog

How to Deploy an Ingress Controller in Azure Kubernetes

A10 Blog / Network Management / How to Deploy an Ingress Controller in Azure Kubernetes

August 14, 2018

What is the Azure Kubernetes Service?

Azure Kubernetes Service (AKS) helps users to deploy a managed Kubernetes cluster in Azure. AKS is available as a hosted Kubernetes free service. Users will need to pay for the agent nodes within the clusters.

A multi-container web application runs on the cluster for the users to access over the Internet.

Managing Application Traffic in Kubernetes With A10 Lightning ADC

The A10 Lightning ADCs daemon-set can be deployed in Kubernetes cluster to manage containerized application traffic in the cluster. The Lightning ADC management capabilities, include load balancing and application security. The A10 Harmony Controller provides centralized management for ADCs and analytics for the applications.

A10 Networks also provides an Ingress Controller for Kubernetes to its container-native load balancing and Application Delivery Controller platform. This allows load balancing of running Kubernetes services and a platform to extract performance metrics.

The Ingress Controller works with Ingress resources to automatically provision application delivery configuration and policies for a container. It can also dynamically update A10’s Lightning ADC load balancer as application services scale within a Kubernetes cluster. It also provides application analytics by collecting metrics that can be used to troubleshoot issues, manage capacity planning, and detect performance or security problems. This analytical data is available through the A10 Harmony portal or a set of APIs.

ingress deployment architecture — **Ingress Deployment Architecture**

Prerequisites to deploy A10 Solution in Azure AKS Service

Log on to Azure AKS and create Kubernetes Node Cluster
Deploy A10 Lightning ADC daemon-set and Ingress Controller
Deploy A10 Harmony Controller in datacenter
Log on to Harmony Controller and create a manual Lightning ADC Cluster

Deploying A10 Ingress Controller with Lightning ADC daemon-set on a Node in Azure AKS Service

1. Open a browser and login to Azure portal with Azure user credentials

Under all services section type “AKS” and click on AKS services to create a AKS cluster.
Azure AKS service provides HTTP application routing enabled by default. It is an add-on front-end load balancing service to load balance user traffic among the nodes. It can be disabled while setting-up the cluster.

azure http application routing — **Azure HTTP Application Routing**

Optionally you can use the Azure CLI to create the cluster. However, once you have a cluster created you can install Kubernetes and Azure CLI installed on local system.

2. Install Kubernetes and Azure CLI in local system to connect to the AKS cluster

Install Azure CLI
Install Kubernetes
To connect to the Kubernetes cluster from the local system enter this command in the Azure CLI.

# az aks get-credentials --resource-group myResourceGroup --name myAKSCluster

If you are using Azure Cloud Shell, kubectl is already installed. If you want to install it locally. Once you have Kubernetes Cluster of nodes ready then you can create Lightning ADC daemon-set by generating Cluster-ID and API server URL parameters by using A10 Harmony Portal.

`3. Log on to Harmony Controller GUI and create Lightning ADC manual cluster`

harmony controller create cluster — **Harmony Controller View/Edit Cluster**

Once you create the Lightning ADC manual cluster, make a note of cluster-id and API server URL information.
Deploy A10 Lightning ADC daemon-set by downloading sample LADC_daemon_Set.yaml file.
Edit the sample LADC_demon_Set.yaml file and input the ladc_cluster_id and API server URL details into the file and save the changes to the file.
Use below command to deploy A10 Lightning ADC Daemon-Set.

# kubectl create -f /path_to_file/LADC_demon_Set.yaml

`4. Place Harmony Controller access credentials in Kubernetes Secret`

Download the example file secret.yaml
Edit the file and input the Tenant username and password in base64 format and save the changes to the file.
Create the Tenant credential as a Kubernetes secret using the below command.

# kubectl create -f /path_to_file/secret.yaml

`5. Deploy A10 Ingress Controller`

Download the example file deploy_ingress_controller.yaml
Edit the file and input the parameters like, Harmony Controller URL, Tenant name, LADC Cluster name, and save the changes to the file.
Deploy the Ingress Controller using the command

# kubectl create -f /path_to_file/deploy_ingress_controller.yaml

`6. Create Ingress Resource`

Ingress resource is the object that allows users to define load balancing and content switching rules. Create the Ingress resource from the downloaded sample Ingress_resource.yaml file.
Edit the file and input the parameters like, service name, hostname, backend service name port no.
Deploy the Ingress controller resource using the below command.

# kubectl create -f /path_to_file/ingress_resource.yaml

`7. Deploy the Kubernetes Headless Service`

When a Kubernetes service is created, by default, Kube-proxy plays the role of a load balancer.
When Lightning ADC is added in the path, Kube-proxy becomes redundant.
Deploying the application service as headless service eliminates Kube-proxy from the path and traffic will be routed to Lightning ADC.

`8. Access the application URL with your browser (i.e https://myapplication.com)`

`9. To view application traffic analytics, log-on to A10 Harmony Controller portal GUI`

The A10 Harmony Controller portal, Analytics Dashboard shows the real-time application user traffic stats like, current traffic Throughput, Response time, connection details along with several metrics for different categories like Client summary, ADC performance, Application response time and Server Health etc.

The image below shows information summary about Client's Geo Location, Client Requests and Server Response codes, no of Client requests received by Lightning ADC. This helps admin to identify and control user traffic.

harmony controller analytics dashboard — **Harmony Controller Analytics Dashboard**

The image below shows the round-trip HTTP request-response time chart measured at different break-points. This helps the admin to visualize the network latency at each break-points providing a quick summary to quickly figure out if there are any issue and one needs to investigate.

harmony controller request response dashboard — **Harmony Controller Request-Response Dashboard**

   Summary
The Azure AKS is a hosted service that is simple to deploy a managed Kubernetes node clusters in Azure it reduces the complexity and operational overhead of managing Kubernetes by offloading much of that responsibilities to Azure in addition the A10 Lightning ADC daemon-set load balance, monitors the application traffic and provides application security and granular analytics. The Ingress controller communicates the configuration specified in Ingress Resources to A10 Harmony Controller via Harmony APIs and creates required application configuration.
 
 
   Share this post:
Share on X (Twitter)Share on FacebookShare on LinkedInShare on Email
     Categories: 
   Network Management  
 
 
 
 
     Previous Post
 A10 Harmony Controller v4.1 Update 
  Next Post 
 IoT and DDoS: Cyberattacks on the Rise 
 
  
      
  Arshad Khan 
 |  August 14, 2018

      How cloud-ready and modernized are your application services?
  Take the Survey  
      
  Related Resources
Getting to Ubiquity: The Urban and Rural Digital Divide
Rural Broadband in the Real World: How One Operator Is Tackling the Digital Divide

A10 to Secure and Deliver AI Applications and Help Increase Cyber Resilience

Enterprise

Service Providers

DDoS Attackers Uncovered: Understanding the DDoS Landscape

Product Support Overview

Find the Next Step in Your Career at A10 Networks