Let's start from the beginning. There is too much to say on this topic to put everything in the comments, so let's move it to an answer. If something below isn't entirely clear, don't hesitate to ask.
First of all you need to start from your application architecture and try to determine how it is supposed to work, what part should be able to communicate with another one.
Microservices approach in design of applications is entire broad topic and would deserve rather separate article than attempt to explain it in a single answer. But in a nutshell, all it is about is decoupling the application into separate parts where each of them have a distinct functionality and can be developed, deployed and updated separately. Those elements can be closely related, they can even totally depend on one another but at the same time they are separate entities.
Kubernetes by its very nature encourages you to follow the above approach. If you read more about Pods, you will see that they are perfectly made for this purpose, for being a kind of wrapper for single microservice. This is a simplification to some extent, but I believe it reflects the essence of the matter. In real production environment you can have a set of Pods
managed by higher abstraction such as Deployment, but note that even if you have 3 or more replicas of a single Pod
it still represents the same single microservice, only scaled horizontaly e.g. to be able to handle bigger load or more requests.
Separate sets of Pods
representing different microservices can communicate with each other and be exposed to external world thanks to Services.
As you can read in kubernetes docs, an Ingress
is:
An API object that manages external access to the services in a
cluster, typically HTTP. Ingress may provide load balancing, SSL
termination and name-based virtual hosting.
Ingress exposes HTTP and HTTPS routes from outside the cluster to
services within the cluster. Traffic routing is controlled by rules
defined on the Ingress resource.
internet
|
[ Ingress ]
--|-----|--
[ Services ]
You should ask yourself if you really want to expose to the external world both your frontend and backend Pods
. Typically you don't want to do it. Backend by its very definition should act as a... well... as a backend of your app :) It is not supposed to be reachable directly by external users but only via frontend part of the application so it shouldn't be exposed via Ingress
. Only after the frontend part of your app receives a request from external user, it makes its own request to the backend, retrives some data processed by the backend app and then passes it to the end user. User doesn't make direct requests to your backend app.
You can expose via Ingress
different parts of your application using different paths (like in the example given in another answer), which can be backed by different microservices running in different sets of Pods
but still they should be frontend parts of your app, NOT backend.
Backend Pods
is something that you usually expose only within your kubernetes cluster, to make it available to other components of your app. For that purpose simple Service of type ClusterIP
(which is by the way the default type, automatically chosen when the type:
field is not specified) is the way to go.
I would encourage you to read more about different Service
types and what they are used for.
You may also want to take a look at the following articles. I believe they will make the whole concept even clearer:
Connecting Applications with Services
Connect a Front End to a Back End Using a Service
As to merging different kubernetes objects definitions to a single yaml
file like in this example, where you can see Service
and Deployment
defined in a single yaml
file and separated with ---
is just a convention and I wouldn't pay too much attention to it. If it makes your work more convenient, you can use it.
As to your additional question in the comment:
I'm curious if having two load balancers would also work as well or
if Ingress is suited better for this scenario?
I hope after reading the whole answer it's already much clearer. Note that typically an Ingress
also uses loadbalancer under the hood. If you only want to expose externally your frontend app without using different paths which are backed by separate microservices, you may not even need an Ingress
. LoadBalancer Service
would be totally enough for what you want to accomplish. Remember that you also use it to expose your app to the external world. If you expose something only within your cluster, that shouldn't be reachable from outside, use simple ClusterIP
Service
instead.
LoadBalancer: Exposes the Service externally using a cloud provider’s
load balancer. NodePort and ClusterIP Services, to which the external
load balancer routes, are automatically created.
I hope this answered your question.
Deployment
? This is not a good idea. Within the same container ? Even worse. Although it might seem technically possible but you should avoid such design of your app. Two separateDeployments
you can put in a single file if you like and separate them with---
so when you runkubectl apply -f deployments.yaml
both of them are deployed at once. Then you can define a single ingress resource as the answer below suggests. – mariodeployment.yaml
and one backenddeployment.yaml
. Merging it into onedeployments.yaml
file is possible. Another question I have then is.. the comment below suggests Ingress, so I'm curious if having two load balancers would also work as well or if Ingress is suited better for this scenario? Thanks! – kennycodes