What is Kubernetes Ingress?

A Kubernetes Ingress manages external HTTP/HTTPS access to services in the cluster, providing: host-based routing, path-based routing, TLS termination, and load balancing — all with a single entry point (one load balancer for multiple services). Ingress spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: my-ingress annotations: nginx.ingress.kubernetes.io/rewrite-target: / kubernetes.io/ingress.class: nginx spec: tls: - hosts: [api.example.com] secretName: tls-secret rules: - host: api.example.com http: paths: - path: /v1 pathType: Prefix backend: service: name: api-v1 port: number: 80 - path: /v2 pathType: Prefix backend: service: name: api-v2 port: number: 80. Ingress Controllers: Ingress resources require an Ingress controller to implement them. Popular controllers: NGINX Ingress Controller (most common, feature-rich); AWS Load Balancer Controller (ALB per Ingress); Traefik (auto-discovers services); HAProxy; Istio Ingress Gateway; Kong (API gateway features). Install NGINX: helm install nginx-ingress ingress-nginx/ingress-nginx. TLS: store certificate in a Secret → reference in Ingress tls section → automatic HTTPS. Use cert-manager for automatic Let's Encrypt certificates. Annotations: controller-specific behavior: rate limiting, auth, rewrites, timeouts, CORS. IngressClass: multiple Ingress controllers in one cluster — ingressClassName: nginx to select. Gateway API: newer, more expressive successor to Ingress — HTTPRoute, TCPRoute, TLSRoute, GRPCRoute resources. Better multi-team support, more features.