Hi all, I'm looking at replacing our current job management system with Kubernetes, and one big question is about managing HTTP routes to individual applications. Today we use a templated HAProxy config with a comprehensive set of tests to verify that any route we care about ends up at the expected backend (~150 backends), and deployment of a new config is gated on those passing. Moving that configuration next to the application using Ingress records seems like a great idea, and my tests with the nginx ingress controller have been promising.
However, there are a couple concerns: 1. I haven't found any specification for how the ingress records are combined, especially in the case of overlap. Is it an implementation detail that the most "specific" route seems to be the one that matches with nginx for path prefixes or something I can rely on? 2. How do folks validate the Ingress configuration prior to production deployment? Does it require deploying the same configuration (avoiding any kind of configuration drift) to a test cluster, create test deployments, and run requests? That sounds like a lot of work. Our current deployment pipeline only runs tests for the application being deployed, but in the case of Ingress records it seems possible that deploying one application could interfere with ingress to another one, which would not be caught. Or, is validation not as important with Ingress records due to how straightforward they are? Many apparently-innocent changes to a HAProxy config can result in disaster, but maybe that level of heavy testing is not required in the new world. 3. What's the best way to see what's going on with nginx? For example, when I create a second Ingress resource that tries to claim the same route as the first, it doesn't have an effect but I don't see any way to get that feedback. The controller's logs have occasionally useful stuff but also contain a line for every request (so in production would not be great). Does anyone have experience or thoughts on any of the above items? Many thanks, Rob -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.
