How to Deploy an Ingress Controller in Azure Kubernetes

What is the Azure Kubernetes Service?

Azure Kubernetes Service (AKS) helps users to deploy a managed Kubernetes cluster in Azure. AKS is available as a hosted Kubernetes free service. Users will need to pay for the agent nodes within the clusters.

A multi-container web application runs on the cluster for the users to access over the Internet.

Managing Application Traffic in Kubernetes With A10 Lightning ADC

The A10 Lightning ADCs daemon-set can be deployed in Kubernetes cluster to manage containerized application traffic in the cluster. The Lightning ADC management capabilities, include load balancing and application security. The A10 Harmony Controller provides centralized management for ADCs and analytics for the applications.

A10 Networks also provides an Ingress Controller for Kubernetes to its container-native load balancing and Application Delivery Controller platform. This allows load balancing of running Kubernetes services and a platform to extract performance metrics.

The Ingress Controller works with Ingress resources to automatically provision application delivery configuration and policies for a container. It can also dynamically update A10’s Lightning ADC load balancer as application services scale within a Kubernetes cluster. It also provides application analytics by collecting metrics that can be used to troubleshoot issues, manage capacity planning, and detect performance or security problems. This analytical data is available through the A10 Harmony portal or a set of APIs.

ingress deployment architecture
Ingress Deployment Architecture

Prerequisites to deploy A10 Solution in Azure AKS Service

Deploying A10 Ingress Controller with Lightning ADC daemon-set on a Node in Azure AKS Service

1. Open a browser and login to Azure portal with Azure user credentials

  • Under all services section type “AKS” and click on AKS services to create a AKS cluster.
  • Azure AKS service provides HTTP application routing enabled by default. It is an add-on front-end load balancing service to load balance user traffic among the nodes. It can be disabled while setting-up the cluster.

azure http application routing
Azure HTTP Application Routing

Optionally you can use the Azure CLI to create the cluster. However, once you have a cluster created you can install Kubernetes and Azure CLI installed on local system.

2. Install Kubernetes and Azure CLI in local system to connect to the AKS cluster

# az aks get-credentials --resource-group myResourceGroup --name myAKSCluster

If you are using Azure Cloud Shell, kubectl is already installed. If you want to install it locally. Once you have Kubernetes Cluster of nodes ready then you can create Lightning ADC daemon-set by generating Cluster-ID and API server URL parameters by using A10 Harmony Portal.

3. Log on to Harmony Controller GUI and create Lightning ADC manual cluster

harmony controller create cluster
Harmony Controller View/Edit Cluster

  • Once you create the Lightning ADC manual cluster, make a note of cluster-id and API server URL information.
  • Deploy A10 Lightning ADC daemon-set by downloading sample LADC_daemon_Set.yaml file.
  • Edit the sample LADC_demon_Set.yaml file and input the ladc_cluster_id and API server URL details into the file and save the changes to the file.
  • Use below command to deploy A10 Lightning ADC Daemon-Set.

# kubectl create -f /path_to_file/LADC_demon_Set.yaml

4. Place Harmony Controller access credentials in Kubernetes Secret

  • Download the example file secret.yaml
  • Edit the file and input the Tenant username and password in base64 format and save the changes to the file.
  • Create the Tenant credential as a Kubernetes secret using the below command.

# kubectl create -f /path_to_file/secret.yaml

5. Deploy A10 Ingress Controller

  • Download the example file deploy_ingress_controller.yaml
  • Edit the file and input the parameters like, Harmony Controller URL, Tenant name, LADC Cluster name, and save the changes to the file.
  • Deploy the Ingress Controller using the command

# kubectl create -f /path_to_file/deploy_ingress_controller.yaml

6. Create Ingress Resource

  • Ingress resource is the object that allows users to define load balancing and content switching rules. Create the Ingress resource from the downloaded sample Ingress_resource.yaml file.
  • Edit the file and input the parameters like, service name, hostname, backend service name port no.
  • Deploy the Ingress controller resource using the below command.

# kubectl create -f /path_to_file/ingress_resource.yaml

7. Deploy the Kubernetes Headless Service

  • When a Kubernetes service is created, by default, Kube-proxy plays the role of a load balancer.
  • When Lightning ADC is added in the path, Kube-proxy becomes redundant.
  • Deploying the application service as headless service eliminates Kube-proxy from the path and traffic will be routed to Lightning ADC.

8. Access the application URL with your browser (i.e http://myapplication.com)

9. To view application traffic analytics, log-on to A10 Harmony Controller portal GUI

The A10 Harmony Controller portal, Analytics Dashboard shows the real-time application user traffic stats like, current traffic Throughput, Response time, connection details along with several metrics for different categories like Client summary, ADC performance, Application response time and Server Health etc.

The image below shows information summary about Client’s Geo Location, Client Requests and Server Response codes, no of Client requests received by Lightning ADC. This helps admin to identify and control user traffic.

harmony controller analytics dashboard
Harmony Controller Analytics Dashboard

 The image below shows the round-trip HTTP request-response time chart measured at different break-points. This helps the admin to visualize the latency at each break-points providing a quick summary to quickly figure out if there are any issue and one needs to investigate.

harmony controller request response dashboard
Harmony Controller Request-Response Dashboard

Summary

The Azure AKS is a hosted service that is simple to deploy a managed Kubernetes node clusters in Azure it reduces the complexity and operational overhead of managing Kubernetes by offloading much of that responsibilities to Azure in addition the A10 Lightning ADC daemon-set load balance, monitors the application traffic and provides application security and granular analytics. The Ingress controller communicates the configuration specified in Ingress Resources to A10 Harmony Controller via Harmony APIs and creates required application configuration.