Ingress and networking

Add an ingress Helm chart to an application

You can find the Release Helm chart for generating an ingress for your application in our GitHub repository.

Either copy the contents of the Release helm-ingress repository to your source control repository or reference the Helm chart using a remote repository chart:

charts:
- name: <service>-ingress
  add: release-ingress
  repo_url: https://raw.githubusercontent.com/releasehub-com/helm-ingress/main/
  directory: <path in your repo to values.yaml>
  install: release-ingress/release-ingress
  values: values.yaml

Configure the ingress Helm chart values

You need a values.yaml file in your source control repository to use the Helm chart.

Customize the values.yaml file to reference the service you would like to expose to the internet. For example, here is a values.yaml file for a service named frontend:

service:
  name: frontend
  externalPort: 5000
ingress:
  hosts:
    - ${FRONTEND_INGRESS_HOST}
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"

Important version information

If you are using a Kubernetes cluster on v1.20 or below, add the following to your chart definition to pin the version to an older chart:

charts:
- name: <service>-ingress
  version: 2.1.0
  ...

Add a load balancer to a chart

If you are using AWS with EKS, include annotations in Service to create a Network Load Balancer (NLB) and assign an external DNS name. This example configures a TLS-enabled LDAPS port (636) and a non-TLS LDAP port (389):

apiVersion: v1
kind: Service
metadata:
  name: fid-service
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-type: external                                              # This creates an NLB
    service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip                                         # Do not touch
    service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing                                     # Or, "private"
    service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"                   # Recommended
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: <fill in your ACM certificate here>               # Optional for using TLS
    service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "636"                                            # Optional for using TLS
    service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy: ELBSecurityPolicy-TLS13-1-2-2021-06 # Optional for using TLS
    external-dns.alpha.kubernetes.io/hostname: <fill in the hostname to use with a values file or similar>
spec:
  ports:
    - port: 389
      name: ldap
      targetPort: 2389
      protocol: TCP
    - port: 636
      name: ldaps
      targetPort: 2636
      protocol: TCP
  type: LoadBalancer
  selector:
    app: <insert the deployment or pod identifier here>
PreviousBuilding Docker imagesNextConfiguration

Last updated