Open shift Route ingress and underlying cloud load balancer - unix1998/technical_notes GitHub Wiki

If we are using OpenShift Routes or Ingress resources, it is often not necessary to use the cloud provider's LoadBalancer directly. Here’s a detailed explanation:

OpenShift Routes

• OpenShift Routes are designed to handle HTTP/S traffic and provide load balancing and failover out of the box.
• They are tightly integrated with OpenShift and do not require any additional configuration or resources from the underlying cloud provider.
• Routes can handle advanced routing features like SSL termination, path-based routing, and custom headers.

Ingress in OpenShift

• Ingress resources in OpenShift work similarly to Kubernetes Ingress resources and can be used to manage external access to services within the cluster.
• Ingress resources also support load balancing and failover, and can handle more complex routing configurations.

When to Use Cloud Provider LoadBalancers

While OpenShift Routes and Ingress resources are sufficient for most use cases, there are scenarios where you might still consider using a cloud provider's LoadBalancer:

1. Non-HTTP/S Traffic: If you need to expose TCP/UDP services that are not HTTP/S, you might need to use a LoadBalancer service type.
2. Hybrid Environments: In hybrid environments where part of your infrastructure is on-premises and part is in the cloud, using cloud LoadBalancers might simplify network architecture.
3. Cloud-Specific Features: Some cloud providers offer advanced features in their LoadBalancers (e.g., Global Load Balancing, advanced DDoS protection) that might not be available through OpenShift Routes or Ingress.

Example: Using OpenShift Routes

Here is how you can create and use a Route in OpenShift to expose a service externally without needing a cloud LoadBalancer:

1. Create a Service:

   apiVersion: v1
   kind: Service
   metadata:
     name: my-service
   spec:
     selector:
       app: my-app
     ports:
       - protocol: TCP
         port: 8080
         targetPort: 8080
   

2. Create a Route:

   apiVersion: route.openshift.io/v1
   kind: Route
   metadata:
     name: my-route
   spec:
     to:
       kind: Service
       name: my-service
     port:
       targetPort: 8080
   

3. Apply the YAML Files:

   oc apply -f my-service.yaml
   oc apply -f my-route.yaml
   

Example: Using Ingress

Alternatively, you can use an Ingress resource:

1. Create an Ingress Resource:

   apiVersion: networking.k8s.io/v1
   kind: Ingress
   metadata:
     name: my-ingress
   spec:
     rules:
     - host: myapp.example.com
       http:
         paths:
         - path: /
           pathType: Prefix
           backend:
             service:
               name: my-service
               port:
                 number: 8080
   

2. Apply the YAML File:

   oc apply -f my-ingress.yaml
   

Summary

• OpenShift Routes and Ingress resources provide built-in load balancing and failover capabilities for HTTP/S traffic, making them suitable for most use cases without needing a cloud provider's LoadBalancer.
• Cloud Provider LoadBalancers can still be useful for non-HTTP/S traffic, hybrid environments, or to leverage specific cloud features.

By using Routes or Ingress, you can leverage OpenShift's native capabilities for managing external access and traffic distribution, simplifying your infrastructure and reducing reliance on external cloud services.