K
Q

Is it possible to have an Ingress point to a Service from another namespace?

12/12/2019

What I want to do is have a service in the default namespace and ingresses in my other namespaces, which point to that service. I tried implementing the service and Ingress shown below, but it didn't work.

kind: Service
apiVersion: v1
metadata:
  name: serviceX
  namespace: default
spec:
  type: ExternalName
  externalName: serviceX.default.svc.cluster.local
ports:
- port: 123


kind: Ingress
apiVersion: extensions/v1beta1
metadata:
  name: web-ingress-test-vpndev
  namespace: my-namespace
spec:
  tls:
  - hosts:
    - abc.my-namespace.domain.com
    secretName: tls-secret-my-namespace
  rules:
  - http:
      paths:
      - path: "/"
        backend:
          serviceName: serviceX
          servicePort: 123
status:
  loadBalancer:
    ingress: {}

I know that I could implement the service in every namespace, but I was wondering if it's possible to have a single service. If I try to type the externalName of the service in the backend->serviceName handler of the ingress, I get and error saying that the name of the service can only contain numbers, letter and '-'.

-- Daniel
kubernetes
kubernetes-ingress
kubernetes-service

Similar Questions

consul keeps crashing when deployed on google kubernets engine in asia-south1 (Mumbai) region, but works in other regions
kubernetes ingress controller not forwarding request headers
Generate single certificate for multiple Kubernetes nodes
Kubernetes Service LoadBalancer "EXTERNAL-IP" remains "<none>" instead of taking worker nodes public IP addresses
When creating 3 replica StatefulSet, get/use IP/hostname from 1st replica as parameter for other 2

3 Answers

3/16/2020

I achieve this using Istio. It's not the main reason why we are using it, but the traffic management features allows this kind of thing.

+--Namespace A-------------------------------+
|                                            |
|  +-------+   +-------+   +--------------+  |
|  |Ingress+--->Service+--->VirtualService|  |
|  +-------+   +-------+   +------+-------+  |
|                                 |          |
+--------------------------------------------+
                                  |
                  +---------------+
                  |
                  |      +--Namespace B---------+
                  |      |                      |
                  |      |  +-------+    +---+  |
                  +--------->Service+---->Pod|  |
                         |  +-------+    +---+  |
                         |                      |
                         +----------------------+

With Istio you can have your ingress in one namespace, a service without Selector (because there is no pod here) and a virtual service that route the traffic on service.namespaceA to service.namespaceB.

I'am using this to achieve blue-green deployment. Imagine the same principle than above but with 3 namespaces :

  • Namespace-A (with ingress, service and virtualService)
  • Namespace-B-blue (with blue services and pods)
  • Namespace-B-green (with green services and pods)

The switch between blue and green version is managed by the virtualService in the namespace-A. The advantage is that you can test the green version (smoke test) using routing features of istio before release it to everyone.

-- Fred Mériot
Source: StackOverflow
12/13/2019

I would have to say that this isnt a good way. as all of ingress in different NS would be convert to Nginx Rule and take effect in ingress-controller pod.

And if you take a look the Nginx Rule(nginx.conf in ingress-controller pod), you will see each block of location in nginx.conf has variable set $namespace "****"; which means the ingress has been isolated by NS

Also, if you still want to implement your idea, might need to modify the ingress-contoller.

-- Vampire_D
Source: StackOverflow
12/12/2019

I don't think this is possible and also don't think it's a good idea. Ingress is not a cluster level resource. Each namespace should have its own instance.

-- Dávid Molnár
Source: StackOverflow