High-Level Steps
The following are the high-level steps that we would carry out to build and deploy our microservices configuration. It is assumed that the Google project is already created.
Solution 1 – Using Google Ingress Controller
- Create a VPN
- Create a private instance of Google Kubernetes Cluster.
- Create Cloud NAT configuration.
- Download the microservice application and deployment scripts from GitHub.
- Build the microservice container.
- Push the microservice container to the google container registry.
- Deploy endpoint for the project.
- Create Workload, Service, and Ingress (GCE ingress).
- Invoke the microservice.
- Configure Cloud Armor.
- Test the microservices with Cloud Armor.
Solution 2 – Using Nginx Ingress Controller
The Solution 1 above uses default Google Ingress Controller. We can also use Nginx Ingress Controller as it provides a lot of add-on features like IP whitelisting, rule configuration, HTTP(s) redirect etc. The deployment process is the same as described in Solution 1, except for Point 7 and Point 8. For Point 7, we would install Nginx ingress first on our Kubernetes Cluster and then deploy the Nginx Ingress configuration for our application (instead of GCE ingress). We don’t need Cloud Armor as the whitelisting of IPs is supported through Nginx Ingress directly.