/application-gateway-kubernetes-ingress

This is an ingress controller that can be run on Azure Kubernetes Service (AKS) to allow an Azure Application Gateway to act as the ingress for an AKS cluster.

Primary LanguageGoMIT LicenseMIT

Application Gateway Ingress Controller

GitHub release (latest by date) Build Status Go Report Card GitHub go.mod Go version

Staging release (latest by date)

Application Gateway Ingress Controller (AGIC) is a Kubernetes application, which makes it possible for Azure Kubernetes Service (AKS) customers to leverage Azure's native Application Gateway L7 load-balancer to expose cloud software to the Internet. AGIC monitors the Kubernetes cluster it is hosted on and continuously updates an App Gateway, so that selected services are exposed to the Internet.

The Ingress Controller runs in its own pod on the customer’s AKS. AGIC monitors a subset of Kubernetes Resources for changes. The state of the AKS cluster is translated to App Gateway specific configuration and applied to the Azure Resource Manager (ARM).

Azure Application Gateway + AKS

AGIC is configured via the Kubernetes Ingress resource, along with Service and Deployments/Pods. It provides a number of features, leveraging Azure’s native App Gateway L7 load balancer. To name a few:

  • URL routing
  • Cookie-based affinity
  • SSL termination
  • End-to-end SSL
  • Support for public, private, and hybrid web sites
  • Integrated web application firewall

Changelog

Blogs and talks

Setup

Usage

Tutorials: Refer to these to understand how you can expose an AKS service over HTTP or HTTPS, to the internet, using an Azure Application Gateway.

Features: List of all available AGIC features.

Annotations: The Kubernetes Ingress specification does not allow all features of Application Gateway to be exposed through the ingress resource. Therefore we have introduced application gateway ingress controller specific annotations to expose application gateway features through an ingress resource. Please refer to these to understand the various annotations supported by the ingress controller, and the corresponding features that can be turned on in the application gateway for a given annotation.

Helm Values Configuration Options: This document lists the various configuration options available through helm.

Upgrade/Rollback AGIC using helm: This documents explains how to upgrade/rollback AGIC helm installation.

How-tos

Troubleshooting

For troubleshooting, please refer to this guide.

Frequently asked questions

For FAQ, please refer to this guide.

Reporting Issues

The best way to report an issue is to create a Github Issue for the project. Please include the following information when creating the issue:

  • Subscription ID for AKS cluster.
  • Subscription ID for Application Gateway.
  • AKS cluster name/ARM Resource ID.
  • Application Gateway name/ARM Resource ID.
  • Ingress resource definition that might causing the problem.
  • The Helm configuration used to install the ingress controller.

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.