USER MANUALS

Ingress

The presto.ingress section of the values.yaml configures an ingress to expose the Denodo Embedded MPP to Denodo server.

The ingress is usually combined with ClusterIP as the service type: presto.service.type property. It is an alternative to create a dedicated load balancer for the Embedded MPP.

In order for the ingress to work, the Kubernetes cluster must have an ingress controller running, such as NGINX Ingress Controller or Traefik.

By default, SSL/TLS gets terminated in the ingress controller: the ingress controller accepts SSL/TLS connections and forwards them without SSL/TLS to the Denodo Embedded MPP service on the HTTP port.

presto:
  service:
    type: ClusterIP

  ingress:
    enabled: true
    name: presto-ingress
    annotations: {}
    className: ""
    host: "denodompp.acme.com"
    path: /
    pathType: ImplementationSpecific
    tls:
      enabled: true
      secretName: ""
      create: true
      certFile: "ingress.cert"
      keyFile: "ingress.key"
  • host: The hostname of the Denodo Embedded MPP.

  • classname: The ingress class to be used. If the default ingress class is used, this parameter can be omitted.

  • tls:

    • enabled: whether to secure the external traffic to the ingress or not. Enabled by default. You need the public certificate, certFile, and the private key associated, keyFile, from a certificate authority (CA), from a private authority or self-signed.

    • secretName: the name of an existent secret containing the public certificate and the private key. You have to create the Kubernetes secret:

      kubectl create secret tls denodo-mpp-ingress-tls \
         --key ingress.key \
         --cert ingress.crt
      
         **or alternatively**
      
    • create: if true a secret will be created containing the public certificate and the private key. In this case, the file names have to be set in certFile and keyFile and the files must be placed in the presto directory for the secret to be created.

Add feedback