Skip to content

What is Citrix ingress controller?

Citrix provides an Ingress Controller for Citrix ADC MPX (hardware), Citrix ADC VPX (virtualized), and Citrix ADC CPX (containerized). You can use the Ingress Controller in bare metal and cloud deployments. Citrix ingress controller is built around Kubernetes Ingress and automatically configures one or more Citrix ADC based on the Ingress resource configuration.

Clients outside a Kubernetes cluster need a way to access the services provided by pods inside the cluster. For services that provide HTTP(s) access, this access is provided through a layer-7 proxy also known as Application Delivery Controller (ADC) device or a load balancer device. Kubernetes provides an API object, called Ingress that defines rules on how clients access services in a Kubernetes cluster. Service owners create these Ingress resources that define rules for directing HTTP(s) traffic. An Ingress controller watches the Kubernetes API server for updates to the Ingress resource and accordingly reconfigures the Ingress ADC.

Citrix ingress controller supports topologies and traffic management beyond standard HTTP(s) Ingress. Citrix ADCs with Citrix Ingress Controllers support Single-Tier and Dual-Tier traffic load balancing. The service owners can also control ingress TCP/TLS and UDP traffic.

Citrix ingress controller automates the configuration of Citrix ADCs to proxy traffic into (North-South) and between (East-West) the microservices in a Kubernetes cluster. The North-South traffic refers to the traffic from clients outside the cluster to microservices in the Kubernetes cluster. The East-West traffic refers to the traffic between the microservices inside the Kubernetes cluster.

Typically, North-South traffic is load balanced by Ingress devices such as Citrix ADCs while East-West traffic is load balanced by kube-proxy. Since kube-proxy only provides limited layer-4 load balancing, service owners can utilize the Citrix ingress controller to achieve sophisticated layer-7 controls for East-West traffic using the Ingress CPX ADCs.

Deploy Citrix ingress controller

You can deploy Citrix ingress controller in the following deployment modes:

  1. As a standalone pod. This mode is used when managing ADCs such as, Citrix ADC MPX or VPX that are outside the Kubernetes cluster.

  2. As a sidecar in a pod along with the Citrix ADC CPX in the same pod. The controller is only responsible for the Citrix ADC CPX that resides in the same pod.

You can deploy Citrix ingress controller using Kubernetes YAML or Helm charts. For more information, see Deploying Citrix ingress controller using YAML or Deploying Citrix ingress controller using Helm charts.