# Ingress-Nginx in Kubernetes ## Prerequisites * [`kubectl`should be installed](https://kubernetes.io/docs/tasks/tools/) in the local environment or the machine that will be used for the deployment. * [Helm should be installed](https://helm.sh/docs/intro/install/) in the local environment or the machine that will be used for deployment. * [Install Ingress-Nginx Controller](https://kubernetes.github.io/ingress-nginx/deploy/) ## Install Ingress-Nginx using a Helm chart (recommended) ### Configure the Helm Chart 1. Clone the GitHub repository containing the Helm charts from the [GitHub URL](https://github.com/e6x-labs/helm-charts) or the command provided below: `git clone git@github.com:e6x-labs/helm-charts.git` 2. **Customize Chart Values:** Navigate to the cloned Helm chart directory (`./charts/ingress/` ) and modify the values in the `values.yaml` file or create a custom value file. * This file contains configuration options that customize the behavior of the chart during deployment. You can adjust parameters such as the image version, service type, ingress settings, etc., based on your requirements. * It is mandatory to edit the following values in the `values.yaml` file: ```yaml cloud: alias: workspace: cluster: ``` ### **Deploy the Helm Chart** Use the `helm install` command to deploy the Helm chart. Provide a release name for the deployment and specify the path to the chart directory. For example: `helm install ./charts/ingress/` The above command deploys the Helm chart with `` using the configuration from the `./charts/ingress/` directory. `` can be set to any value. ### **Verify Deployment** Use the following `kubectl` commands to verify that the Kubernetes resources (services & ingresses) have been created and are running as expected: ```bash kubectl get services -n kubectl get ingress -n ``` {% hint style="success" %} If the Ingress resource has been set up correctly and the e6data engine is exposed externally, external tools & services can now connect to it using the configured hostname or IP address. A [Personal Access Token](https://docs.e6data.com/product-documentation/~/revisions/W5MExJCuvHiG1ioEcgOy/connectors-and-drivers/configure-cluster-ingress/broken-reference) is required for authentication. {% endhint %} ## Install Ingress-Nginx using kubectl ## Create Service Create a service file, following the example below: {% hint style="warning" %} A separate Service should be created for each e6data cluster (if external access is required for multiple clusters). {% endhint %} {% file src="" %} Download the Ingress-Nginx service file template {% endfile %}

Sample e6data-ext-access-service-ingress-nginx.yaml

apiVersion: v1
kind: Service
metadata:
  name: e6data-ext-access-cluster1  # edit as required
  namespace: e6data # change to e6data workspace namespace
  labels:
    cloud: <CLOUD_PROVIDER>
    alias: <ALIAS>
    workspace: <WORKSPACE_NAME>
    cluster: <CLUSTER_NAME>
  annotations:
    nginx.ingress.kubernetes.io/whitelist-source-range: "<IP(S)_TO_BE_ALLOWLISTED>"
    nginx.ingress.kubernetes.io/ssl-certificate: "<CERT(S)_SECRET_NAME>"
spec:
  type: ClusterIP
  selector:
    cloud: <CLOUD_PROVIDER>
    alias: <ALIAS>
    workspace: <WORKSPACE_NAME>
    cluster: <CLUSTER_NAME>
  ports:
  - protocol: TCP
    port: 9000                  # external access port, edit as required
    targetPort: http            # change to HTTPS if SSL certificate is used
    name: http                  # change to HTTPS if SSL certificate is used

To create the Service, apply the manifest to the cluster by running this command: `kubectl apply -f e6data-ext-access-service.yaml` {% hint style="info" %} To enable access to multiple clusters, please repeat[ the steps above](#create-service) to create a separate service file for each cluster. {% endhint %} ## Create Ingress {% hint style="info" %} * To expose a single cluster; one service file & one ingress file is required. * To expose multiple clusters; multiple service files (for each cluster) & one ingress file with multiple paths are required. {% endhint %} Create the ingress file following the examples below: #### Expose a Single Cluster {% file src="" %} Download the Ingress-Nginx ingress file template for single cluster scenarios {% endfile %}

Sample e6data-ingress-nginx-single-cluster.yaml

{% code title="e6data-ingress-nginx-single-cluster.yaml" %} ```yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: e6data-ext-access namespace: default labels: cloud: alias: workspace: cluster: #annotations: # Uncomment for GKE Ingress Controller #kubernetes.io/ingress.class: "nginx" spec: ingressClassName: nginx # Comment out for GKE Ingress Controller rules: - host: "" # optional, domain name http: paths: - path: / pathType: ImplementationSpecific backend: service: name: e6data-ext-access-cluster1 # match the service name port: number: 9000 ``` {% endcode %}

#### Expose Multiple Clusters {% file src="" %} Download the Ingress-Nginx ingress file template for multiple cluster scenarios {% endfile %}

Sample e6data-ingress-nginx-multiple-clusters.yaml

{% code title="e6data-ingress-nginx-multiple-clusters.yaml" %} ```yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: e6data-ext-access namespace: e6data labels: cloud: cluster: [,[] alias: workspace: [,] spec: ingressClassName: nginx rules: - host: "" # optional, domain name http: paths: - path: / # edit as required pathType: ImplementationSpecific backend: service: name: e6data-ext-access-cluster1 # match the service name port: number: 9000 - path: / # edit as required pathType: ImplementationSpecific backend: service: name: e6data-ext-access-cluster2 # match the service name port: number: 9000 ``` {% endcode %}

To create the Ingress resource, apply the manifest to the cluster: `kubectl apply -f e6data-ingress.yaml` ### Expose Ports Externally There are three steps required to externally expose a TCP port: 1. Create a ConfigMap. 2. If TCP proxy support is used, then those ports need to be exposed in the Service defined for the Ingress. 3. Add the ConfigMap to the Ingress Controller's deployment arguments. Please refer to the [official Ingress-Nginx documentation](https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md) for detailed instructions to externally expose a TCP port according to your requirements. A sample ConfigMap is provided below: {% code title="e6data-ingress-configmap.yaml" %} ```json apiVersion: v1 kind: ConfigMap metadata: name: e6data-ext-tcp namespace: data: 9000: "/:9000" # replace default with the e6data k8s namespace ``` {% endcode %} After the required port is externally exposed, the process is complete. {% hint style="success" %} Ingress has now been created and external tools will be able to access the e6data cluster using the configured port/s (9000 in this example). {% endhint %}