Community

Blog Events Webinars Tutorials Forum
  1. Blog
  2. Events
  3. Webinars
  4. Tutorials
  5. Forum
Create Account
×
Community Blog ALB Ingress Handles Cloud-Native Application Traffic Management Easily

ALB Ingress Handles Cloud-Native Application Traffic Management Easily

This article discusses the ALB Ingress Controller for Alibaba Cloud Container Services.

By Yuanyi

Background

As cloud-native applications become microserviced and serverless, users need to face the requirements of configuring complex routing rules, supporting multiple application layer protocols (HTTP, HTTPS, and QUIC), service access security, and traffic observability. The traditional four-layer SLB Ingress cannot meet these demands.

Alibaba Cloud Container Service ALB Ingress Controller provides fully managed and O&M-free Ingress traffic management based on the Application Load Balancer (ALB). Alibaba Cloud Container Service for Kubernetes (ACK) is compatible with NGINX Ingress semantics. It can configure and manage complex service routes, automatic certificate discovery, and observable traffic ingress and supports multiple application layer protocols such as QUIC. It has large-scale seven-layer traffic processing capabilities, allowing users to handle cloud-native application traffic management easily.

ALB Products

Alibaba Cloud Application Load Balancer (ALB) is an SLB service for application-layer load scenarios, such as HTTP, HTTPS, and QUIC. It has superelasticity and large-scale seven-layer traffic processing capabilities.

1

ALB Characteristics

  • Elastic Auto Scaling: ALB provides domain names and VIP (Virtual IP address), supports traffic distribution to multiple cloud servers to expand the service capabilities of application systems, and improves the availability of application systems by eliminating single points of failure. ALB allows you to customize the combination of zones and supports elastic scaling between zones to avoid resource bottlenecks in a single zone.
  • Advanced Protocol Support: ALB supports the application transmission protocol QUIC. In mobile Internet application scenarios, such as real-time audio and video, interactive live streaming, and games, the access speed is faster, and the transmission link is more secure and reliable. ALB also supports Google Remote Procedure Call (gRPC) to facilitate efficient communication among microservices through API operations.
  • Content-Based Advanced Routing: ALB can identify specific business traffic based on multiple rules, such as HTTP headers, cookies, and HTTP request methods and forward them to different backend servers. ALB also supports advanced operations, such as redirection, rewriting, and custom HTTPS headers.
  • The security blessing of ALB comes with distributed denial-of-service DDoS (Distributed Denial of Service) protection and one-click integration Web Application Firewall (WAF). At the same time, ALB supports full-link HTTPS encryption, which can realize HTTPS interaction with clients or backend servers. It supports efficient and secure encryption protocols, such as TLS 1.3, for encryption-sensitive services and meets the requirements of Zero-Trust's new-generation security technology architecture. It supports prefabricated security policies. You can also customize security policies.
  • Cloud-Native Applications: In the cloud-native era, the PaaS platform will sink into the infrastructure and become part of the cloud. As cloud-native technologies mature, the Internet, finance, and enterprise sectors want to deploy their business on cloud-native applications or migrate the existing business to cloud-native environments. ALB is deeply integrated with Alibaba Cloud Container Service for Kubernetes (ACK) and is the official cloud-native Ingress gateway of Alibaba Cloud.
  • Elastic and Flexible Billing: ALB provides public network capabilities through Elastic IP Address (EIP) and EIP Bandwidth Plan to achieve flexible billing over the Internet. At the same time, it adopts a more advanced capacity unit (LCU)-based pricing solution that is more suitable for elastic service peaks.

Alibaba Cloud Container Service ALB Ingress Controller

Alibaba Cloud Container Service is an ALB Ingress Controller based on Alibaba Cloud application-oriented Application Load Balancer (ALB). It aims to provide a more powerful Ingress traffic management method. It is compatible with NGINX Ingress, can handle complex business routes and automatic certificate discovery, and supports HTTP, HTTPS, and QUIC protocols. It fully meets cloud-native application scenarios for ultra-strong elasticity and large-scale seven-layer traffic processing capabilities.

Procedure

ALB Ingress Controller uses an API server to listen to changes in k8s Ingress resources, dynamically generates Albconfig, and creates an ALB instance, a listener, a routing forwarding rule, and a backend server group in sequence. Service, Ingress, and Albconfig in Kubernetes have the following relationships:

  • A Service is an abstraction of an application deployed on a set of replicated pods.
  • An Ingress contains reverse proxy rules. It controls to which Services HTTP or HTTPS requests are routed. For example, a request is forwarded to a different Service based on the different Host and URL paths in the request.
  • Albconfig is a CRD resource provided in the ALB Ingress Controller. ALBConfig CRD is used to configure ALB instances and listeners. An Albconfig corresponds to an ALB instance.

2

Benefits

3

Rich Forwarding Features

  • Header-Based and Cookie Forwarding
  • Domain URL Forwarding supports traffic scheduling based on different domain names and URLs to improve application system flexibility.

High Elasticity and High Throughput

It is the first cloud computing vendor to propose performance assurance for SLB instances.

  • Guaranteed-Performance Instances provide guaranteed-performance instances to isolate performance between different instances and performance assurance under the corresponding specifications.
  • Ultra-Large Performance Specifications provide ultra-large ALB instances for high-performance requirements to solve performance bottlenecks.

Cloud-Native-Oriented Applications

  • Based on native Kubernetes Ingress
  • Support Alibaba Cloud Container Service Kubernetes products
  • Compatible with NGINX Ingress semantics

Safer and More Reliable

  • Component hosting, high availability, and maintenance-free
  • Certificate Management discovers certificates automatically.

Scenarios

Currently, ALB supports scenarios, such as high-elasticity Internet scenarios, low-latency scenarios in the audio and video industry, and cloud-native-oriented application scenarios.

4

Summary

The Alibaba Cloud Container Service ALB Ingress Controller is available for public preview. You can deploy ALB Ingress Controller in the Container Service console. ACK Managed Edition, ACK Dedicated Edition, and Serverless Kubernetes are supported.

Related Links

1) An Introduction to ALB Ingress

2) An ALB Introduction

slb Computing Container Service Kubernetes cloud native Traffic Management Application Load Balancer ALB ALB Ingress
0 0 0
Share on

Read previous post:

Alibaba Cloud Assists TuSimple in Improving Performance and Model Iteration Acceleration

Read next post:

The Flexvolume Scenario Disk Migration Solution

Alibaba Container Service

164 posts | 30 followers

You may also like

Comments

Alibaba Container Service

164 posts | 30 followers

Related Products

More Posts by Alibaba Container Service

See All