# GCE Ingress in Kubernetes

## Prerequisites <a href="#prerequisites" id="prerequisites"></a>

* [Enable GCE Ingress Controller](https://github.com/kubernetes/ingress-gce)
* [Enable the Google Kubernetes Engine API](https://console.cloud.google.com/flows/enableapi?apiid=container.googleapis.com&_ga=2.44781030.375972822.1688573369-1472213437.1685606505&_gac=1.115993076.1688620496.CjwKCAjwqZSlBhBwEiwAfoZUID6FkcVrPdwcCb2nJKAcS2KdBPY-UUFCXb0e7Pl09F-q2iavQpOI-hoCON8QAvD_BwE)
* To use the Google Cloud CLI for this task, [install](https://cloud.google.com/sdk/docs/install) and [initialize](https://cloud.google.com/sdk/docs/initializing) the gcloud CLI.
* [Enable the HttpLoadBalancing add-on](https://cloud.google.com/kubernetes-engine/docs/concepts/ingress) using the Google Cloud console or the Google Cloud CLI.
* [`kubectl`should be installed](https://kubernetes.io/docs/tasks/tools/) in the local environment or the machine that will be used for the deployment.
* [Helm should be installed](https://helm.sh/docs/intro/install/) in the local environment or the machine that will be used for deployment.

## Install GCE Ingress using a Helm chart (recommended)

### Configure the Helm Chart

1. Clone the GitHub repository containing the Helm charts from the [GitHub URL](https://github.com/e6x-labs/helm-charts) or the command provided below:

   `git clone git@github.com:e6x-labs/helm-charts.git`
2. **Customize Chart Values:** Navigate to the cloned Helm chart directory (`./charts/ingress/` ) and modify the values in the `values.yaml` file or create a custom value file.
   * This file contains configuration options that customize the behavior of the chart during deployment. You can adjust parameters such as the image version, service type, ingress settings, etc., based on your requirements.
   * It is mandatory to edit the following values in the `values.yaml` file:

```yaml
cloud: <CLOUD_PROVIDER>
alias: <ALIAS_NAME>
workspace: <WORKSPACE_NAME>
cluster: <CLUSTER_NAME>
```

### **Deploy the Helm Chart**

Use the `helm install` command to deploy the Helm chart. Provide a release name for the deployment and specify the path to the chart directory. For example:

`helm install <RELEASE_NAME> ./charts/ingress/`

The above command deploys the Helm chart with `<RELEASE_NAME>` using the configuration from the `./charts/ingress/` directory.

`<RELEASE_NAME>` can be set to any value.

### **Verify Deployment**

Use the following `kubectl` commands to verify that the Kubernetes resources (services & ingresses) have been created and are running as expected:

```bash
kubectl get services -n <E6DATA_NAMESPACE>
kubectl get ingress -n <E6DATA_NAMESPACE>
```

{% hint style="success" %}
If the Ingress resource has been set up correctly and the e6data engine is exposed externally, external tools & services can now connect to it using the configured hostname or IP address.

A [Personal Access Token](https://docs.e6data.com/product-documentation/~/revisions/W5MExJCuvHiG1ioEcgOy/connectors-and-drivers/configure-cluster-ingress/broken-reference) is required for authentication.
{% endhint %}

## Create Service

{% hint style="warning" %}
A separate Service should be created for each e6data cluster (if external access is required for multiple clusters).
{% endhint %}

Create a service file, following the example below:

{% file src="<https://3484040590-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FeVBYKZm1xFKFFVzS0lRJ%2Fuploads%2Fwzla4zkQbk6VJLycFjBF%2Fe6data-ext-access-service-gce.yaml?alt=media&token=d270a8ad-60c0-4422-ab64-de4abf9de915>" %}
Download the GCE Ingress service file template
{% endfile %}

<details>

<summary>Sample e6data-ext-access-service-gce.yaml</summary>

{% code title="e6data-ext-access-service-gce.yaml" %}

```yaml
apiVersion: v1
kind: Service
metadata:
  name: e6data-ext-access-cluster1  # edit as required
  namespace: <E6DATA_NAMESPACE> # change to e6data workspace namespace
  labels:
    cloud: <CLOUD_PROVIDER>
    alias: <ALIAS>
    workspace: <WORKSPACE_NAME>
    cluster: <CLUSTER_NAME>
  annotations:
    networking.gke.io/whitelist: "<IP(S)_TO_BE_ALLOWLISTED>"
    networking.gke.io/managed-certificates: "<ARN(S)_OF_CERT(S)>"
spec:
  type: LoadBalancer
  selector:
    cloud: <CLOUD_PROVIDER>
    alias: <ALIAS>
    workspace: <WORKSPACE_NAME>
    cluster: <CLUSTER_NAME>
  ports:
  - protocol: TCP
    port: 9000                  # external access port, edit as required
    targetPort: http            # change to HTTPS if SSL certificate is used
    name: http                  # change to HTTPS if SSL certificate is used
```

{% endcode %}

</details>

To create the Service, apply the manifest to the cluster by running this command:

`kubectl apply -f <SERVICE_YAML_FILE>.yaml`

{% hint style="info" %}
To enable access to multiple clusters, please repeat [the above steps](#create-service) to create a separate service file for each e6data cluster.
{% endhint %}

{% hint style="success" %}
Ingress has now been created and external tools will be able to access the e6data cluster using the configured port(s).
{% endhint %}