Hi I’m relatively new to Kubernetes. I have quite some knowledge after reading 5 or 6 books on Kubernetes but I have never built one cluster before. We plan to build a on-premise K8s cluster. I have a question about nginx ingress controller.
In our current architecture we have a F5 load balancer fronting a cluster of nginx web servers, which sits in front of our app servers. We rely on the nginx web servers to handle user authentication. Nginx servers are configured as reverse proxy as well to all the backend app services. We’d like to keep using the same security design by letting nginx handle user authentication.
Our app servers consist of Node.js servers and tomcat and sprint boot servers.
Nginx Ingress Controller seems to play two roles, first as a reverse proxy to route traffic to different services, second as a load balancer.
Does it mean I don’t need a front end load balancer like F5 any more with an Nginx Ingress Controller? If so i’m wondering the security impact. Currently we put F5 in the public and all nginx servers are in the DMZ. Is it safe to leave the nginx sever, as the ingress controller, in the public?
Second question is HA of the nginx server itself as the ingress controller. Can I configure a HA Nginx Ingress Controller?
Or should I still put F5 in front of Nginx Ingress Controller?
Thanks for any insight!