search

openziti / ziti

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
https://openziti.io
Apache License 2.0
2.85k stars 159 forks source link

zrok Ingress Controller for k8s #2425

Open qrkourier opened 2 months ago

qrkourier commented 2 months ago

The zrok Ingress Controller watches for Ingress and Gateway resources and provisions the appropriate resources in Kube API and a reserved zrok share.

Defines an IngressClass and GatewayClass named zrok that may be instantiated by the zrok Ingress Controller.

example Ingress resource using the zrok class represents what the k8s user must provide to trigger the zrok Ingress Controller to proxy to a ClusterIP service

backend mode "proxy" is implied

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-frontdoor-svc-ingress
  annotations:
    zrok.ingress.kubernetes.io/unique-name: myfrontdoorsvc
spec:
  ingressClassName: zrok
  rules:
  - http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-frontdoor-svc
            port:
              number: 80

variation on the above, this demonstrates using the "web" backend mode to serve static assets instead of proxy to a service

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-frontdoor-assets-ingress
  annotations:
    zrok.ingress.kubernetes.io/unique-name: myfrontdoorassets
    zrok.ingress.kubernetes.io/backend-mode: web
spec:
  ingressClassName: zrok
  defaultBackend:
    resource:
      apiGroup: k8s.example.com
      kind: StorageBucket
      name: static-assets
qrkourier commented 2 months ago

re: https://www.reddit.com/r/kubernetes/comments/1dbwjm6/what_are_the_alternatives_to_ngrok_ingress/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button

qrkourier commented 2 months ago

the ngrok ingress controller was recently deprecated by the ngrok operator