Creating an Ingress Gateway Deployment Binding
After an ingress gateway is created in the control plane, deploy the gateway to the
application cluster using the IngressGatewayDeployment resource. This is
different from a Kubernetes ingress resource and should be used as a replacement for the
ingress resource rather than in conjunction with it. This resource offloads the management
of deployment and pods backing the ingress gateway to the Service Mesh operator. An ingress
gateway deployment is only required for Kubernetes-based workloads. The
IngressGatewayDeployment, unlike IngressGateway, is
local to the cluster and isn’t replicated back to Service Mesh control-plane.
Using the Console
- Log in to the Oracle Cloud Infrastructure Console.
- Open the navigation menu and click Developer Services. Under Containers & Artifacts, click Service Mesh.
- On the Service Mesh page, from the list of compartments on the left side, select a compartment.
- Click the mesh name that contains your ingress gateways.
- Click Ingress Gateway in the left navigation.
- Click Create Ingress Gateway.
- Click the name of the Ingress Gateway.
- Click Create Kubernetes Bindings.
- In the Create Bindings dialog, specify the details for the Kubernetes
bindings code.
- Binding Namespace (Optional): The Kubernetes namespace for your deployment.
- Proxy Log Level: Choose between:
- Error
- Warn
- Info
- Debug
- Off
- Maximum Pods: The maximum number of pods the ingress gateway can scale up to.
- Service Type: There three options:
- Loadbalancer (Default): Exposes the service externally using a load balancer that forwards all traffic to your service
- ClusterIP: Exposes the service on a cluster-internal IP address. Choosing this value makes the service only reachable from within the cluster. (default service type)
- NodePort: Exposes a port on all the Kubernetes nodes which is forwarded to your service.
- Listener Ports: Create a list of ports your
service listens on. For each port, specify:
- Protocol:
TCP - Port: Select an available port.
- Service Port: Listener port for the service.
Warning
Don’t use the following Service Mesh reserved ports in your mesh resource: 15000, 15003, 15006, and 9901. - Protocol:
- To add more ports, click + Add Another Port.
- Labels: A list of key/value labels passed to your
deployment. For each label, specify a key and a value.
- Click + Add Another Condition Pair to add another label key/value pair.
Using the CLI
To create an ingress gateway deployment, first create an ingress gateway using the OCI CLI.
Create the ingress gateway deployment using one of the following commands.
-
Create your ingress gateway deployment using the ingress gateway name.
kubectl apply -f - <<EOF apiVersion: servicemesh.oci.oracle.com/v1beta1 kind: IngressGatewayDeployment metadata: name: <sample-ingress-gateway>-deployment namespace: <sample-namespace> spec: ingressGateway: ref: name: <sample-ingress-gateway> deployment: autoscaling: minPods: 1 maxPods: 1 ports: - protocol: TCP port: 8080 serviceport: 80 service: type: LoadBalancer annotations: oci.oraclecloud.com/load-balancer-type: "lb" service.beta.kubernetes.io/oci-load-balancer-shape: "400Mbps" secrets: - secretName: secret-tls-secret EOF -
Create your ingress gateway deployment using the ingress gateway OCID.
kubectl apply -f - <<EOF apiVersion: servicemesh.oci.oracle.com/v1beta1 kind: IngressGatewayDeployment metadata: name: <sample-ingress-gateway>-deployment namespace: <sample-namespace> spec: ingressGateway: id: <ocid_of_referenced_ig_created_from_cli> deployment: autoscaling: minPods: 1 maxPods: 1 ports: - protocol: TCP port: 8080 serviceport: 80 service: type: LoadBalancer annotations: oci.oraclecloud.com/load-balancer-type: "lb" service.beta.kubernetes.io/oci-load-balancer-shape: "400Mbps" secrets: - secretName: secret-tls-secret EOF