ingress-nginx Ingress Configuration¶
To use an 'external' ingress-nginx controller i.e. not the one optionally installed by the Kinetica Operators Helm chart it is necessary to disable ingress in the KineticaCluster CR.
The field spec.ingressController: nginx should be set to spec.ingressController: none.
It is then necessary to create the required Ingress CRs by hand. Below is a list of the Ingress paths that need to be exposed along with sample ingress-nginx CRs.
Required Ingress Routes¶
Ingress Routes¶
GAdmin Paths¶
| Path | Service | Port |
|---|---|---|
/gadmin | cluster-name-gadmin-service | gadmin (8080/TCP) |
/tableau | cluster-name-gadmin-service | gadmin (8080/TCP) |
/files | cluster-name^-gadmin-service | gadmin (8080/TCP) |
where cluster-name is the name of the Kinetica Cluster i.e. what is in the .spec.gpudbCluster.clusterName in the KineticaCluster CR.
Workbench Paths¶
| Path | Service | Port |
|---|---|---|
/ | workbench-workbench-service | workbench-port (8000/TCP) |
DB rank-0 Paths¶
| Path | Service | Port |
|---|---|---|
/cluster-145025b8(/gpudb-0(/.*|$)) | cluster-145025b8-rank0-service | httpd (8082/TCP) |
/cluster-145025b8/gpudb-0/hostmanager(.*) | cluster-145025b8-rank0-service | hostmanager (9300/TCP) |
DB rank-N Paths¶
| Path | Service | Port |
|---|---|---|
/cluster-145025b8(/gpudb-N(/.*|$)) | cluster-145025b8-rank1-service | httpd (8082/TCP) |
/cluster-145025b8/gpudb-N/hostmanager(.*) | cluster-145025b8-rank1-service | hostmanager (9300/TCP) |
Reveal Paths¶
| Path | Service | Port |
|---|---|---|
/reveal | cluster-name-reveal-service | reveal (8088/TCP) |
/caravel | cluster-name-reveal-service | reveal (8088/TCP) |
/static | cluster-name-reveal-service | reveal (8088/TCP) |
/logout | cluster-name-reveal-service | reveal (8088/TCP) |
/resetmypassword | cluster-name-reveal-service | reveal (8088/TCP) |
/dashboardmodelview | cluster-name-reveal-service | reveal (8088/TCP) |
/dashboardmodelviewasync | cluster-name-reveal-service | reveal (8088/TCP) |
/slicemodelview | cluster-name-reveal-service | reveal (8088/TCP) |
/slicemodelviewasync | cluster-name-reveal-service | reveal (8088/TCP) |
/sliceaddview | cluster-name-reveal-service | reveal (8088/TCP) |
/databaseview | cluster-name-reveal-service | reveal (8088/TCP) |
/databaseasync | cluster-name-reveal-service | reveal (8088/TCP) |
/databasetablesasync | cluster-name-reveal-service | reveal (8088/TCP) |
/tablemodelview | cluster-name-reveal-service | reveal (8088/TCP) |
/csstemplatemodelview | cluster-name-reveal-service | reveal (8088/TCP) |
/csstemplatemodelviewasync | cluster-name-reveal-service | reveal (8088/TCP) |
/users | cluster-name-reveal-service | reveal (8088/TCP) |
/roles | cluster-name-reveal-service | reveal (8088/TCP) |
/userstatschartview | cluster-name-reveal-service | reveal (8088/TCP) |
/permissions | cluster-name-reveal-service | reveal (8088/TCP) |
/viewmenus | cluster-name-reveal-service | reveal (8088/TCP) |
/permissionviews | cluster-name-reveal-service | reveal (8088/TCP) |
/accessrequestsmodelview | cluster-name-reveal-service | reveal (8088/TCP) |
/accessrequestsmodelviewasync | cluster-name-reveal-service | reveal (8088/TCP) |
/logmodelview | cluster-name-reveal-service | reveal (8088/TCP) |
/logmodelviewasync | cluster-name-reveal-service | reveal (8088/TCP) |
/userinfoeditview | cluster-name-reveal-service | reveal (8088/TCP) |
/tablecolumninlineview | cluster-name-reveal-service | reveal (8088/TCP) |
/sqlmetricinlineview | cluster-name-reveal-service | reveal (8088/TCP) |
Example Ingress CRs¶
Example GAdmin Ingress CR¶
Example GAdmin Ingress CR
Example GAdmin Ingress CR
1. where apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: cluster-name-gadmin-ingress #(1)!
namespace: gpudb
spec:
ingressClassName: nginx
tls:
- hosts:
- cluster-name.example.com #(1)!
secretName: kinetica-tls
rules:
- host: cluster-name.example.com #(1)!
http:
paths:
- path: /gadmin
pathType: Prefix
backend:
service:
name: cluster-name-gadmin-service #(1)!
port:
name: gadmin
- path: /tableau
pathType: Prefix
backend:
service:
name: cluster-name-gadmin-service #(1)!
port:
name: gadmin
- path: /files
pathType: Prefix
backend:
service:
name: cluster-name-gadmin-service #(1)!
port:
name: gadmin
cluster-name is the name of the Kinetica Cluster Example Rank Ingress CR¶
Example Rank Ingress CR
Example Rank Ingress CR
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: cluster-name-rank1-ingress
namespace: gpudb
spec:
ingressClassName: nginx
tls:
- hosts:
- cluster-name.example.com
secretName: kinetica-tls
rules:
- host: cluster-name.example.com
http:
paths:
- path: /cluster-name(/gpudb-1(/.*|$))
pathType: Prefix
backend:
service:
name: cluster-name-rank1-service
port:
name: httpd
- path: /cluster-name/gpudb-1/hostmanager(.*)
pathType: Prefix
backend:
service:
name: cluster-name-rank1-service
port:
name: hostmanager
- where
cluster-nameis the name of the Kinetica Cluster
Example Reveal Ingress CR¶
Example Reveal Ingress CR
Example Reveal Ingress CR
1. where apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: cluster-name-reveal-ingress
namespace: gpudb
spec:
ingressClassName: nginx
tls:
- hosts:
- cluster-name.example.com
secretName: kinetica-tls
rules:
- host: cluster-name.example.com
http:
paths:
- path: /reveal
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /caravel
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /static
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /logout
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /resetmypassword
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /dashboardmodelview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /dashboardmodelviewasync
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /slicemodelview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /slicemodelviewasync
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /sliceaddview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /databaseview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /databaseasync
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /databasetablesasync
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /tablemodelview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /tablemodelviewasync
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /csstemplatemodelview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /csstemplatemodelviewasync
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /users
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /roles
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /userstatschartview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /permissions
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /viewmenus
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /permissionviews
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /accessrequestsmodelview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /accessrequestsmodelviewasync
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /logmodelview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /logmodelviewasync
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /userinfoeditview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /tablecolumninlineview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
- path: /sqlmetricinlineview
pathType: Prefix
backend:
service:
name: cluster-name-reveal-service
port:
name: reveal
cluster-name is the name of the Kinetica Cluster Exposing the Postgres Proxy Port¶
In order to access Kinetica's Postgres functionality some TCP (not HTTP) ports need to be open externally.
For ingress-nginx a configuration file needs to be created to enable port 5432.
tcp-services.yaml
1. Change the namespace to the namespace your ingress-nginx controller is running in. e.g. apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-services
namespace: kinetica-system # (1)!
data:
'5432': gpudb/kinetica-k8s-sample-rank0-service:5432 #(2)!
'9002': gpudb/kinetica-k8s-sample-rank0-service:9002 #(3)!
ingress-nginx 2. This exposes the postgres proxy port on the default
5432 port. If you wish to change this to a non-standard port then it needs to be changed here but also in the Helm values.yaml to match.3. This port is the Table Monitor port and should always be exposed alongside the Postgres Proxy.