Deploying Service or Ingress on GKE

Getting Started with GKE: Endpoints with Service and Ingress

Joaquín Menchaca (智裕)
Google Cloud - Community
6 min readJun 29, 2020

After provisioning a Kubernetes cluster using GKE (Google Kubernetes Engine) and deploying a web application, such as hello-kubernetes, we want to access them through an Endpoint.

There are two common paths on Kubernetes that you can use for Endpoints:

Previous Articles

In previous articles, we covered building or provisioning the GKE cluster.

Provisioning using Cloud SDK

Provisioning using Terraform

Prerequisites

You will need the following tool requirements:

  • Google Cloud SDK that is authorized to your google account with a regsitered Google project. We’ll use the fictional project of acme-quality-team for this article.
  • Kubectl (pronounced koob-cuttle) is the Kubernetes client cli tool to interaction with the cluster and installing Kubernetes manifests.

Building the GKE Cluster

In previous articles (see above), there are tutorials on how to provision a cluster with either Google Cloud SDK or Terraform. You can use those for this exercise.

If you want to get something up quickly for just this exercise, you can run this below:

This process will take about 3 minutes for a three node cluster with one node in a unique availability zone in us-central1.

You can see the cluster and nodes you created with the following commands:

Endpoint with Service Resource

A service resources acts as a proxy to route traffic designated pods deployed across worker nodes within a Kubernetes cluster. For creating an Endpoint, we’ll use a particular service type of LoadBalancer. This will provision a Layer 4 load balancer in Google Cloud.

Service Resource with LoadBalancer Service Type

Deploy Deployment Controller

We first need to deploy the application using a deployment controller to deploy three pods across our cluster. Create a file named hello_gke_extlb_deploy.yaml with the following content:

Deploy this with the following command:

Deploy Service Load Balancer Type

Now we deploy a service that will connect traffic to one of the pods.

Create a file named hello_gke_extlb_svc.yaml with the following content:

Deploy this with the following command:

Test the Connection

You can check the status of the service with the following:

Initially, you may see pending under the EXTERNAL-IP column. This means Google Cloud is provisioning the network load balancer. After a few moments, you should see something like this:

Output of kubectl get services

We can also peak at the corresponding network load balancer outside the cluster:

Which should show something like this:

Copy the IP address into a web browser. Using the above output, you would type: http://104.198.141.152 in the web browser and see something like this:

web browser display through NLB

Cleanup

You an remove these resources through the following:

Endpoint with Ingress Resource

An ingress is essentially a reverse proxy with a common declarative language (ingress resource) to configure rules to route web traffic back to service. The implementation depends on the ingress controller you wish to install, such as ingress-nginx, haproxy-ingress, traefik, or ambassador, to name a few.

GKE comes bundled with ingress-gce, or GLBC (Google Load Balancer Controller) that is described as:

GCE L7 load balancer controller that manages external loadbalancers configured through the Kubernetes Ingress API.

Ingress Resource and Service Resource of NodePort Type

Deploy Deployment Controller

Deploy a web application using a deployment controller. Create a file named hello_gke_ing_deploy.yaml with the following content:

Deploy this with the following command:

Deploy Service NodePort Type

The default GKE ingress (gce) will only work with a Service type of either NodePort or LoadBalancer. As we only want one Endpoint through the ingress, we’ll choose NodePort.

Create a file named hello_gke_ing_svc.yaml with the following content:

Deploy this with the following command:

Deploy Ingress

An ingress can route web traffic based on the hostname and URL path. In our simple implementation, we’ll route everything (/*) to our single designated service. The service will then further route traffic to one of three available pods.

Create a file named hello_gke_ing_ing.yaml with the following content:

Deploy this with the following command:

Test the Connection

You can run this to see the ingress in action:

You should see something like this:

We can also peak at corresponding http proxy that Google Cloud provisions:

This output should look similar to this:

Copy the IP address and type it into a browser, for example: http://34.98.86.241 in the web browser. Initially, as may see a 404 error, which could mean that Google is still setting things up.

Google 404 error from GLBC

After a few minutes, the URL should eventually work:

web browser display through GLBC

Cleanup

You an remove these resources through the following:

Resources

Here are some references to some of the documentation related to material covered in this article.

Blog Source Code

I put the source code used in this blog here:

Kubernetes

These have general overview of Kubernetes concepts.

GKE (Google Kubernetes Engine)

These are implementation specific documentation.

Google Cloud

Conclusion

The goal of this article was to demonstrate how to add an Endpoint for your web application on Kubernetes and also show how GKE integrates with Google Cloud to provision these Endpoints.

I hope this was useful in your Kubernetes with GKE adventures. In future articles I would like to expand this further by showing how to integrate management of DNS names and TLS certificates from Kubernetes.

Sign up to discover human stories that deepen your understanding of the world.

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Google Cloud - Community
Google Cloud - Community

Published in Google Cloud - Community

A collection of technical articles and blogs published or curated by Google Cloud Developer Advocates. The views expressed are those of the authors and don't necessarily reflect those of Google.

Joaquín Menchaca (智裕)
Joaquín Menchaca (智裕)

Written by Joaquín Menchaca (智裕)

DevOps/SRE/PlatformEng — k8s, o11y, vault, terraform, ansible

Responses (2)

When I create ingress i got no matches for kind error "Ingress" in version "networking.k8s.io/v1beta1".

--

Use following yaml file for ingress for GKE 1.22 and onwards.
cat hello_gke_ing_ing.yaml
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:...

--