Skip to main content
Version: 0.9

Overview

In Kubernetes you can configure external HTTPS access to your applications using Ingress resources. Ingress provides load balancing, SSL termination and name-based virtual hosting.

Kore can automatically register domains and generate TLS certificates for Ingress objects. This lets developers easily expose their application services.

The following table lists some important terms to understand about how Kore handles access to your applications.

TermDescription
Ingress resourceA collection of routing rules that define which inbound connections can reach your application service. Kore provides an easy way to generate an ingress.yaml to create this resource. See Expose your Application via Ingress.
Network policyLets you control traffic flow to your application at the port level. By default Kore deploys a default-denial-ingress network policy into each namespace, which forbids Ingress traffic for any deployed applications. To enable network access to your application, you need a new network policy that allows traffic from the Ingress controllers that Kore manages.

Kore can generate this network policy for you when you follow the steps in Generate an Ingress resource and network policy. You can also create a network policy manually—see Create Network Policies.
Ingress controllerActs mainly as a router and load balancer in Kubernetes. For the Ingress resource to work, a Kubernetes cluster must have an Ingress controller running. Kore automatically installs a public-facing Ingress controller with class external in each Kubernetes cluster, using the ingress-nginx Ingress controller.
DNS zones and domainsKore Administrators and Team Administrators can register DNS zones to be used for Ingress resources. Kore installs and configures ExternalDNS in each managed Kubernetes cluster to automatically generate DNS records and managed DNS zones. For more information, see Manage Domains.
CertificatesWeb applications should use HTTPS endpoints. For security, we strongly recommend using end-to-end encryption for internal communication between your applications and services.

Kore automatically installs and configures cert-manager in each managed Kubernetes cluster, which creates and manages X.509 certificates (used by TLS) for Kubernetes Ingress objects and other requirements. For more information, see Manage Certificates.
Last updated on Aug 5, 2021