LogoLogo
  • Welcome to e6data
  • Introduction to e6data
    • Concepts
    • Architecture
      • e6data in VPC Deployment Model
      • Connect to e6data serverless compute
  • Get Started
  • Sign Up
  • Setup
    • AWS Setup
      • In VPC Deployment (AWS)
        • Prerequisite Infrastructure
        • Infrastructure & Permissions for e6data
        • Setup Kubernetes Components
        • Setup using Terraform in AWS
          • Update a AWS Terraform for your Workspace
        • AWS PrivateLink and e6data
        • VPC Peering | e6data on AWS
      • Connect to e6data serverless compute (AWS)
        • Workspace Creation
        • Catalog Creation
          • Glue Metastore
          • Hive Metastore
          • Unity Catalog
        • Cluster Creation
    • GCP Setup
      • In VPC Deployment (GCP)
        • Prerequisite Infrastructure
        • Infrastructure & Permissions for e6data
        • Setup Kubernetes Components
        • Setup using Terraform in GCP
        • Update a GCP Terraform for your Workspace
      • Connect to e6data serverless compute (GCP)
    • Azure Setup
      • Prerequisite Infrastructure
      • Infrastructure & Permissions for e6data
      • Setup Kubernetes Components
      • Setup using Terraform in AZURE
        • Update a AZURE Terraform for your Workspace
  • Workspaces
    • Create Workspaces
    • Enable/Disable Workspaces
    • Update a Workspace
    • Delete a Workspace
  • Catalogs
    • Create Catalogs
      • Hive Metastore
        • Connect to a Hive Metastore
        • Edit a Hive Metastore Connection
        • Delete a Hive Metastore Connection
      • Glue Metastore
        • Connect to a Glue Metastore
        • Edit a Glue Metastore Connection
        • Delete a Glue Metastore Connection
      • Unity Catalog
        • Connect to Unity Catalog
        • Edit Unity Catalog
        • Delete Unity Catalog
      • Cross-account Catalog Access
        • Configure Cross-account Catalog to Access AWS Hive Metastore
        • Configure Cross-account Catalog to Access Unity Catalog
        • Configure Cross-account Catalog to Access AWS Glue
        • Configure Cross-account Catalog to Access GCP Hive Metastore
    • Manage Catalogs
    • Privileges
      • Access Control
      • Column Masking
      • Row Filter
  • Clusters
    • Edit & Delete Clusters
    • Suspend & Resume Clusters
    • Cluster Size
    • Load Based Sizing
    • Auto Suspension
    • Query Timeout
    • Monitoring
    • Connection Info
  • Pools
    • Delete Pools
  • Query Editor
    • Editor Pane
    • Results Pane
    • Schema Explorer
    • Data Preview
  • Notebook
    • Editor Pane
    • Results Pane
    • Schema Explorer
    • Data Preview
  • Query History
    • Query Count API
  • Connectivity
    • IP Sets
    • Endpoints
    • Cloud Resources
    • Network Firewall
  • Access Control
    • Users
    • Groups
    • Roles
      • Permissions
      • Policies
    • Single Sign-On (SSO)
      • AWS SSO
      • Okta
      • Microsoft My Apps-SSO
      • Icons for IdP
    • Service Accounts
    • Multi-Factor Authentication (Beta)
  • Usage and Cost Management
  • Audit Log
  • User Settings
    • Profile
    • Personal Access Tokens (PAT)
  • Advanced Features
    • Cross-Catalog & Cross-Schema Querying
  • Supported Data Types
  • SQL Command Reference
    • Query Syntax
      • General functions
    • Aggregate Functions
    • Mathematical Functions & Operators
      • Arithematic Operators
      • Rounding and Truncation Functions
      • Exponential and Root Functions
      • Trigonometric Functions
      • Logarithmic Functions
    • String Functions
    • Date-Time Functions
      • Constant Functions
      • Conversion Functions
      • Date Truncate Function
      • Addition and Subtraction Functions
      • Extraction Functions
      • Format Functions
      • Timezone Functions
    • Conditional Expressions
    • Conversion Functions
    • Window Functions
    • Comparison Operators & Functions
    • Logical Operators
    • Statistical Functions
    • Bitwise Functions
    • Array Functions
    • Regular Expression Functions
    • Generate Functions
    • Cardinality Estimation Functions
    • JSON Functions
    • Checksum Functions
    • Unload Function (Copy into)
    • Struct Functions
  • Equivalent Functions & Operators
  • Connectors & Drivers
    • DBeaver
    • DbVisualiser
    • Apache Superset
    • Jupyter Notebook
    • Tableau Cloud
    • Tableau Desktop
    • Power BI
    • Metabase
    • Zeppelin
    • Python Connector
      • Code Samples
    • JDBC Driver
      • Code Samples
      • API Support
    • Configure Cluster Ingress
      • ALB Ingress in Kubernetes
      • GCE Ingress in Kubernetes
      • Ingress-Nginx in Kubernetes
  • Security & Trust
    • Best Practices
      • AWS Best Practices
    • Features & Responsibilities Matrix
    • Data Protection Addendum(DPA)
  • Tutorials and Best Practices
    • How to configure HIVE metastore if you don't have one?
    • How-To Videos
  • Known Limitations
    • SQL Limitations
    • Other Limitations
    • Restart Triggers
    • Cloud Provider Limitations
  • Error Codes
    • General Errors
    • User Account Errors
    • Workspace Errors
    • Catalog Errors
    • Cluster Errors
    • Data Governance Errors
    • Query History Errors
    • Query Editor Errors
    • Pool Errors
    • Connectivity Errors
  • Terms & Condition
  • Privacy Policy
    • Cookie Policy
  • FAQs
    • Workspace Setup
    • Security
    • Catalog Privileges
  • Services Utilised for e6data Deployment
    • AWS supported regions
    • GCP supported regions
    • AZURE supported regions
  • Release Notes & Updates
    • 6th Sept 2024
    • 6th June 2024
    • 18th April 2024
    • 9th April 2024
    • 30th March 2024
    • 16th March 2024
    • 14th March 2024
    • 12th March 2024
    • 2nd March 2024
    • 10th February 2024
    • 3rd February 2024
    • 17th January 2024
    • 9th January 2024
    • 3rd January 2024
    • 18th December 2023
    • 12th December 2023
    • 9th December 2023
    • 4th December 2023
    • 27th November 2023
    • 8th September 2023
    • 4th September 2023
    • 26th August 2023
    • 21st August 2023
    • 19th July 2023
    • 23rd May 2023
    • 5th May 2023
    • 28th April 2023
    • 19th April 2023
    • 15th April 2023
    • 10th April 2023
    • 30th March 2023
Powered by GitBook
On this page
  • Prerequisites
  • Install Ingress-Nginx using a Helm chart (recommended)
  • Configure the Helm Chart
  • Deploy the Helm Chart
  • Verify Deployment
  • Install Ingress-Nginx using kubectl
  • Create Service
  • Create Ingress
  • Expose Ports Externally
  1. Connectors & Drivers
  2. Configure Cluster Ingress

Ingress-Nginx in Kubernetes

Configuring Ingress-Nginx in Kubernetes

PreviousGCE Ingress in KubernetesNextSecurity & Trust

Last updated 1 month ago

Prerequisites

  • in the local environment or the machine that will be used for the deployment.

  • in the local environment or the machine that will be used for deployment.

Install Ingress-Nginx using a Helm chart (recommended)

Configure the Helm Chart

  1. Clone the GitHub repository containing the Helm charts from the or the command provided below:

    git clone git@github.com:e6x-labs/helm-charts.git

  2. Customize Chart Values: Navigate to the cloned Helm chart directory (./charts/ingress/ ) and modify the values in the values.yaml file or create a custom value file.

    • This file contains configuration options that customize the behavior of the chart during deployment. You can adjust parameters such as the image version, service type, ingress settings, etc., based on your requirements.

    • It is mandatory to edit the following values in the values.yaml file:

cloud: <CLOUD_PROVIDER>
alias: <ALIAS_NAME>
workspace: <WORKSPACE_NAME>
cluster: <CLUSTER_NAME>

Deploy the Helm Chart

Use the helm install command to deploy the Helm chart. Provide a release name for the deployment and specify the path to the chart directory. For example:

helm install <RELEASE_NAME> ./charts/ingress/

The above command deploys the Helm chart with <RELEASE_NAME> using the configuration from the ./charts/ingress/ directory.

<RELEASE_NAME> can be set to any value.

Verify Deployment

Use the following kubectl commands to verify that the Kubernetes resources (services & ingresses) have been created and are running as expected:

kubectl get services -n <E6DATA_NAMESPACE>
kubectl get ingress -n <E6DATA_NAMESPACE>

If the Ingress resource has been set up correctly and the e6data engine is exposed externally, external tools & services can now connect to it using the configured hostname or IP address.

A Personal Access Token is required for authentication.

Install Ingress-Nginx using kubectl

Create Service

Create a service file, following the example below:

A separate Service should be created for each e6data cluster (if external access is required for multiple clusters).

Sample e6data-ext-access-service-ingress-nginx.yaml
e6data-ext-access-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: e6data-ext-access-cluster1  # edit as required
  namespace: e6data # change to e6data workspace namespace
  labels:
    cloud: <CLOUD_PROVIDER>
    alias: <ALIAS>
    workspace: <WORKSPACE_NAME>
    cluster: <CLUSTER_NAME>
  annotations:
    nginx.ingress.kubernetes.io/whitelist-source-range: "<IP(S)_TO_BE_ALLOWLISTED>"
    nginx.ingress.kubernetes.io/ssl-certificate: "<CERT(S)_SECRET_NAME>"
spec:
  type: ClusterIP
  selector:
    cloud: <CLOUD_PROVIDER>
    alias: <ALIAS>
    workspace: <WORKSPACE_NAME>
    cluster: <CLUSTER_NAME>
  ports:
  - protocol: TCP
    port: 9000                  # external access port, edit as required
    targetPort: http            # change to HTTPS if SSL certificate is used
    name: http                  # change to HTTPS if SSL certificate is used

To create the Service, apply the manifest to the cluster by running this command:

kubectl apply -f e6data-ext-access-service.yaml

Create Ingress

  • To expose a single cluster; one service file & one ingress file is required.

  • To expose multiple clusters; multiple service files (for each cluster) & one ingress file with multiple paths are required.

Create the ingress file following the examples below:

Expose a Single Cluster

Sample e6data-ingress-nginx-single-cluster.yaml
e6data-ingress-nginx-single-cluster.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: e6data-ext-access
  namespace: default
  labels:
    cloud: <CLOUD_PROVIDER>
    alias: <ALIAS>
    workspace: <WORKSPACE_NAME>
    cluster: <CLUSTER_NAME>
  #annotations:                          # Uncomment for GKE Ingress Controller
    #kubernetes.io/ingress.class: "nginx"
spec:
  ingressClassName: nginx                # Comment out for GKE Ingress Controller
  rules:
    - host: ""                           # optional, domain name
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific  
            backend:
              service:
                name: e6data-ext-access-cluster1  # match the service name
                port:
                  number: 9000

Expose Multiple Clusters

Sample e6data-ingress-nginx-multiple-clusters.yaml
e6data-ingress-nginx-multiple-clusters.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: e6data-ext-access
  namespace: e6data
  labels:
    cloud: <CLOUD_PROVIDER>
    cluster: [<CLUSTER1_NAME>,[<CLUSTER2_NAME>]
    alias: <ALIAS>
    workspace: [<WORKSPACE1>,<WORKSPACE2>]
spec:
  ingressClassName: nginx
  rules:
    - host: ""                                    # optional, domain name
      http:
        paths:
          - path: /<CLUSTER1_NAME>                # edit as required
            pathType: ImplementationSpecific  
            backend:
              service:
                name: e6data-ext-access-cluster1  # match the service name
                port:
                  number: 9000
          - path: /<CLUSTER2_NAME>                # edit as required
            pathType: ImplementationSpecific  
            backend:
              service:
                name: e6data-ext-access-cluster2  # match the service name
                port:
                  number: 9000

To create the Ingress resource, apply the manifest to the cluster:

kubectl apply -f e6data-ingress.yaml

Expose Ports Externally

There are three steps required to externally expose a TCP port:

  1. Create a ConfigMap.

  2. If TCP proxy support is used, then those ports need to be exposed in the Service defined for the Ingress.

  3. Add the ConfigMap to the Ingress Controller's deployment arguments.

A sample ConfigMap is provided below:

e6data-ingress-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: e6data-ext-tcp
  namespace: <E6DATA_K8_NAMESPACE>
data:
  9000: "<E6DATA_K8_NAMESPACE>/<SERVICE_NAME>:9000" # replace default with the e6data k8s namespace

After the required port is externally exposed, the process is complete.

Ingress has now been created and external tools will be able to access the e6data cluster using the configured port/s (9000 in this example).

To enable access to multiple clusters, please repeat to create a separate service file for each cluster.

Please refer to the for detailed instructions to externally expose a TCP port according to your requirements.

kubectlshould be installed
Helm should be installed
Install Ingress-Nginx Controller
GitHub URL
official Ingress-Nginx documentation
the steps above
862B
e6data-ext-access-service-ingress-nginx.yaml
Download the Ingress-Nginx service file template
794B
e6data-ingress-nginx-single-cluster.yaml
Download the Ingress-Nginx ingress file template for single cluster scenarios
997B
e6data-ingress-nginx-multiple-clusters.yaml
Download the Ingress-Nginx ingress file template for multiple cluster scenarios