Tencent Kubernetes Engine
- Release Notes and Announcements
- Release Notes
- Announcements
- Security Vulnerability Fix Description
- Release Notes
- Kubernetes Version Maintenance
- Runtime Version Maintenance Description
- Product Introduction
- Quick Start
- TKE General Cluster Guide
- Purchase a TKE General Cluster
- Permission Management
- Controlling TKE cluster-level permissions
- TKE Kubernetes Object-level Permission Control
- Cluster Management
- Images
- Worker node introduction
- Normal Node Management
- Native Node Management
- Purchasing Native Nodes
- Supernode management
- Purchasing a Super Node
- Registered Node Management
- Memory Compression Instructions
- GPU Share
- qGPU Online/Offline Hybrid Deployment
- Kubernetes Object Management
- Workload
- Configuration
- Auto Scaling
- Service Management
- Ingress Management
- CLB Type Ingress
- API Gateway Type Ingress
- Storage Management
- Use File to Store CFS
- Use Cloud Disk CBS
- Add-On Management
- CBS-CSI Description
- Network Management
- GlobalRouter Mode
- VPC-CNI Mode
- Static IP Address Mode Instructions
- Cilium-Overlay Mode
- OPS Center
- Audit Management
- Event Management
- Monitoring Management
- Log Management
- Using CRD to Configure Log Collection
- Backup Center
- TKE Serverless Cluster Guide
- Purchasing a TKE Serverless Cluster
- TKE Serverless Cluster Management
- Super Node Management
- Kubernetes Object Management
- OPS Center
- Log Collection
- Using a CRD to Configure Log Collection
- Audit Management
- Event Management
- TKE Registered Cluster Guide
- Registered Cluster Management
- Ops Guide
- TKE Insight
- TKE Scheduling
- Job Scheduling
- Native Node Dedicated Scheduler
- Cloud Native Service Guide
- Cloud Service for etcd
- Version Maintenance
- Cluster Troubleshooting
- Practical Tutorial
- Cluster
- Serverless Cluster
- Mastering Deep Learning in Serverless Cluster
- Scheduling
- Security
- Service Deployment
- Proper Use of Node Resources
- Network
- DNS
- Self-Built Nginx Ingress Practice Tutorial
- Logs
- Monitoring
- OPS
- DevOps
- Construction and Deployment of Jenkins Public Network Framework Appications based on TKE
- Auto Scaling
- KEDA
- Containerization
- Microservice
- Cost Management
- Hybrid Cloud
- Fault Handling
- Pod Status Exception and Handling
- Pod exception troubleshooter
- API Documentation
- Making API Requests
- Elastic Cluster APIs
- Resource Reserved Coupon APIs
- Cluster APIs
- Third-party Node APIs
- Network APIs
- Node APIs
- Node Pool APIs
- TKE Edge Cluster APIs
- Cloud Native Monitoring APIs
- Super Node APIs
- TKE API 2022-05-01
- Making API Requests
- Node Pool APIs
- FAQs
- TKE General Cluster
- TKE Serverless Cluster
- About OPS
- Service Agreement
- User Guide(Old)
DocumentationTencent Kubernetes EngineTKE General Cluster Guide Ingress ManagementIngress Controllers
Ingress Controllers
Last updated: 2024-12-23 11:30:47
Ingress Controllers
Application CLB
Application CLB is a TKE Ingress Controller based on the Tencent Cloud Load Balancer (CLB), which can implement the access of different services in the cluster with different URLs. CLB directly forwards the traffic to a Pod through the NodePort (the traffic is forwarded to a Pod in the CLB-to-Pod direct access mode). One Ingress configuration is bound to one CLB instance (IP), which is suitable for scenarios that only require simple routing management and are insensitive to IP address convergence. For more information, see CLB Type Ingress.
Istio Ingress Gateway
Istio Ingress Gateway is an Ingress Controller based on Tencent Cloud CLB and Istio Ingress Gateway (provided by Tencent Cloud TCM). The control plane and related supporting components are maintained by Tencent Cloud. You only need to deploy the containerized data plane that performs traffic forwarding in the cluster. You can use native Kubernetes Ingress or Istio API that provides more refined traffic management capabilities. A layer of proxy (envoy) is added after CLB, which is suitable for scenarios where there are more requirements for access layer routing management, IP address convergence, and entrance traffic management of cross-cluster and heterogeneous deployment service.
Dedicated API Gateway
Dedicated API Gateway is a TKE Ingress Controller based on a dedicated Tencent Cloud API Gateway instance. It is suitable for scenarios where multiple TKE clusters require a unified access layer or the access layer requires authentication and traffic throttling. For more information, see API Gateway Type Ingress. It has the following strengths:
API Gateway is directly connected to the Pods of the TKE cluster without any intermediate nodes.
An API Gateway TKE tunnel can connect multiple TKE services at the same time, among which the traffic is distributed based on the weighted round robin algorithm.
Advanced extended capabilities provided by API Gateway can be used, such as authentication, traffic throttling, canary traffic distribution, caching, and downgrade upon circuit breaking.
Supported by a dedicated API Gateway instance, the underlying physical resources of a user are exclusive to the user, with a stable performance and high SLA delivered.
Nginx Ingress Controller
Nginx Ingress Controller is an Ingress controller based on Tencent Cloud CLB and Nginx reverse proxy (containerized deployment in cluster). It extends the features of native Kubernetes Ingress through Annotations, and adds a layer of proxy (nginx) after CLB, which is suitable for scenarios where there are more requirements for access layer routing management and IP address convergence. For more information, see Nginx Type Ingress.
Ingress Controllers Comparison
Module | Description | Application CLB | Istio Ingress Gateway (Provided by Tencent Cloud TCM) | Dedicated API Gateway | Nginx Ingress Controller |
Traffic management | Supported protocols | HTTP and HTTPS | HTTP, HTTPS, HTTP2, GRPC, TCP, and TCP + TLS | HTTP, HTTPS, HTTP2, and GRPC | HTTP, HTTPS, HTTP2, GRPC, TCP, and UDP |
| IP Management | One Ingress rule corresponds to one IP (CLB). | Multiple Ingress rules correspond to one IP (CLB). IP address convergence is supported. | Multiple Ingress rules correspond to one IP (Dedicated API Gateway). IP address convergence is supported. | Multiple Ingress rules correspond to one IP (CLB). IP address convergence is supported. |
| Attribute route | HOST and URL | More attributes are supported, such as header, method, query, and parameter. | More attributes are supported, such as header, method, query, and parameter. | More attributes are supported, such as header and cookie. |
| Traffic behavior | Not supported | Behaviors such as rewrite and redirection are supported. | Redirection, custom request, and custom response are supported. | Behaviors such as rewrite and redirection are supported. |
| Region-aware load balancing | Not supported | Supported | Not supported | Not supported |
Application access addressing | Service discovery | Single Kubernetes cluster | Multiple Kubernetes clusters + heterogeneous service | Multiple Kubernetes clusters | Single Kubernetes cluster |
Security | SSL configuration | Supported | Supported | Supported | Supported |
| Authentication authorization | Not supported | Supported | Supported | Supported |
Observability | Monitoring metrics | Supported (View in CLB) | Supported (Cloud native monitoring or Tencent Cloud Observability Platform) | Supported (View in API Gateway) | Supported (Cloud native monitoring) |
| Call tracing | Not supported | Supported | Not supported | Not supported |
| Add-on Ops | The associated CLB has been managed. You only need to run TKE Ingress Controller in the cluster. | The control plane has been managed. You only need to run the data plane Ingress Gateway. | You don't need to run the control plane in the Kubernetes cluster. Instead, simply enable the private network access feature in the cluster. | You need to run Nginx Ingress Controller in the cluster (control plane + data plane). |
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No