TABLE OF CONTENTS

   


You can create a Kublr cluster with Ingress feature enabled.


Ingress feature in Kublr is implemented as a helm chart that includes a standard Nginx ingress controller helm chart, and it can be customized according to the standard chart documentation: https://github.com/kubernetes/ingress-nginx/tree/master/charts/ingress-nginx


In particular it is possible to customize both Nginx configuration and Kubernetes deployment objects of the ingress controller, such as its Service load balancer.              


Nginx ingress controller helm chart values can be customized in the Kublr cluster specification as follows:


spec:
  features:
    ingress:
      values:
        ...


Some examples of the ingress controller customization are listed in the "Configuration" section of the chart documentation: https://github.com/kubernetes/ingress-nginx/tree/master/charts/ingress-nginx#configuration


All parameters available for customization via the values are described in the chart documentation: https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-helm/#configuration


Ingress ELB Customization in AWS Clusters


Ingress ELB in AWS is created by Kubernetes AWS cloud provider in response to the ingress controller chart creating a Service of LoadBalancer type. Therefore any required customization of the ELB  must be done via Kubernetes Service annotations that in turn can be specified in the ingress controller chart's values in the Kublr cluster specification.


Various annotation that can be specified on the Service are described in the Kubernetes documentation at https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer (pick AWS tab for AWS or other tabs for other clouds).


For example, a load balancer type (ELB or NLB) can be selected via service.beta.kubernetes.io/aws-load-balancer-type annotation in Kublr cluster specification as follows:


spec:
  features:
    ingress:
      values:
        nginx-ingress:
          controller:
            service:
              enableHttp: false
              annotations:
                service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
                service.beta.kubernetes.io/aws-load-balancer-security-groups: sg-ab32hc33


This snippet disables HTTP on the ingress entry point, selects NLB as the type for the load balancer and instructs Kubernetes to associate the specified security group with the load balancer.


Specify Ingress ELB S3 Bucket Policy in AWS Clusters


AWS ELB access logs can be enabled using the annotations described in https://kubernetes.io/docs/concepts/services-networking/service/#elb-access-logs-on-aws


The use the following Kublr cluster specification snipped as an example:


spec:
  features:
    ingress:
      values:
        nginx-ingress:
          controller:
            service:
              annotations:
                service.beta.kubernetes.io/aws-load-balancer-access-log-enabled: "true"
                service.beta.kubernetes.io/aws-load-balancer-access-log-emit-interval: "60" # can be either "5" or "60"
                service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-name: "my-bucket"
                service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-prefix: "my-bucket-prefix/prod"