Apache Ingress Controller v1.0 has been released, supporting the use of custom resources including Route, Upstream, and Kubernetes native Ingress resources to control external traffic access to services deployed in Kubernetes. services deployed in Kubernetes.

About Apache Ingress Controller​

The Apache Ingress Controller is a cloud-native Ingress Controller implementation that uses Apache as a data plane to carry traffic and extends Kubernetes using CRD.

Supports controlling external traffic access to services deployed in Kubernetes using custom resources including Route, Upstream, and Kubernetes-native Ingress resources.

The overall architecture is as follows.

v1.0 latest features​

Add Consumer custom resource to make configuration authentication more convenient​

In the previous version, if you want to configure keyAuth or basicAuth, you need to manually call Apache admin api to create consumer configuration.

In v1.0, we added the Consumer resource, which allows users to define consumer resources and configure authentication for Route in a more native way.

For example, a keyAuth resource is defined with the following configuration.

apiVersion: .apache.org/v2alpha1kind: Consumermetadata:  name: keyauthspec:  authParameter:    keyAuth:      value:        key: API

In Route you only need to add the corresponding type of authentication configuration.

apiVersion: .apache.org/v2alpha1kind: Routemetadata:  name: httpbin-routespec:  http:   ...   authentication:     enable: true     type: keyAuth

Adding mTLS support to Tls​

In v1.0 we also added mTLS support for Tls custom resources, just add the client configuration to the Tls resource configuration, e.g.

apiVersion: .apache.org/v1kind: Tlsmetadata:  name: sample-tlsspec:  ...  client:    ... client: caSecret:      name: client-ca-secret      namespace: default

Added more annotations to the native Ingress resource to enrich its functionality​

• k8s..apache.org/blocklist-source-range to restrict the source IP.
• k8s..apache.org/rewrite-target and k8s..apache.org/rewrite-target-regex to perform target rewrite operations.
• k8s..apache.org/http-to-https to perform HTTP to HTTPS forced redirects.

See the project CHANGELOG for more feature changes.

Why use Ingress Controller​

Apache Ingress Controller uses Apache as its data plane to carry business traffic, so it inherits the following advantages from Apache .

• High Performance & Stability: Apache is a cloud-native high-performance dynamic API gateway that has been used in many enterprise large-scale traffic scenarios, and its performance and stability have been tested for a long time.
• Rich ecology: Apache is currently the most active open source gateway project, as the top project of Apache, both the community activity and its plug-in ecology are very rich, can meet the user's multiple use scenarios and needs.

In addition, because Ingress Controller also has the following unique advantages.

• Good compatibility: supports multiple Ingress resource versions and works fine in different Kubernetes versions.
• Dynamic updates: Both Ingress resources and configuration updates such as certificates are hot loaded without reload, ensuring smooth business operation.
• Flexible Scalability: Since Ingress Controller adopts the architecture of separate control plane and data plane, the data plane cluster of Apache can be scaled up separately without scaling up Apache Ingress Controller.
• Operation and Maintenance Friendly: Under the current architecture, users can choose to deploy the dataplane Apache cluster in a Kubernetes cluster or in a physical machine environment as the case may be. And Apache Ingress Controller failure will not have any impact on business traffic.