Ingress¶
The presto.ingress
section of the values.yaml
configures an ingress to expose the Denodo Embedded MPP to Denodo server.
The ingress is usually combined with ClusterIP as the service type: presto.service.type
property.
It is an alternative to create a dedicated load balancer for the Embedded MPP.
In order for the ingress to work, the Kubernetes cluster must have an ingress controller running, such as NGINX Ingress Controller or Traefik.
By default, SSL/TLS gets terminated in the ingress controller: the ingress controller accepts SSL/TLS connections and forwards them without SSL/TLS to the Denodo Embedded MPP service on the HTTP port.
presto:
service:
type: ClusterIP
ingress:
enabled: true
name: presto-ingress
annotations: {}
className: ""
host: "denodompp.acme.com"
path: /
pathType: ImplementationSpecific
tls:
enabled: true
secretName: ""
create: true
certFile: "ingress.cert"
keyFile: "ingress.key"
host: The hostname of the Denodo Embedded MPP.
classname: The ingress class to be used. If the default ingress class is used, this parameter can be omitted.
tls:
enabled: whether to secure the external traffic to the ingress or not. Enabled by default. You need the public certificate,
certFile
, and the private key associated,keyFile
, from a certificate authority (CA), from a private authority or self-signed.secretName: the name of an existent secret containing the public certificate and the private key. You have to create the Kubernetes secret:
kubectl create secret tls denodo-mpp-ingress-tls \ --key ingress.key \ --cert ingress.crt **or alternatively**
create: if true a secret will be created containing the public certificate and the private key. In this case, the file names have to be set in
certFile
andkeyFile
and the files must be placed in thepresto
directory for the secret to be created.