Scopear does not provide out-of-the-box ingress configuration due to the variety of ingress products available. Customers are responsible for setting up ingress controllers and configuring routing based on their own infrastructure needs. Popular options include:
NGINX Ingress Controller
Istio Ingress Gateway
OpenShift Ingress and Routes
These ingress controllers provide flexible ways to handle external traffic and route it to services within the Kubernetes cluster.
While Scopear doesn’t provide specific ingress configurations, we offer virtual-service.yaml files for Istio users and OpenShift routes for customers deploying on OpenShift clusters. These optional tools can simplify routing configuration if the customer wishes to use them.
Additionally, customers are responsible for configuring their own Load Balancers for ingress. Depending on the infrastructure, customers can choose between:
Network Load Balancer (NLB): A layer four load balancer suited for TCP/UDP-based traffic.
Application Load Balancer (ALB): A layer seven load balancer suited for HTTP/HTTPS traffic.
Example Load Balancer Configurations (AWS and Azure)
For AWS, customers can use annotations to configure their load balancers. Below is an example configuration using annotations for both NLB and ALB with AWS. Similar annotations can be used for Azure by specifying the appropriate service annotations.
apiVersion: v1
kind: Service
metadata:
name: web-service
annotations:
# For ALB (Application Load Balancer)
service.beta.kubernetes.io/aws-load-balancer-type: "alb"
service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"
external-dns.alpha.kubernetes.io/hostname: "web.example.com"
# For NLB (Network Load Balancer)
service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "tcp"
spec:
ports:
port: 80
targetPort: 8080
type: LoadBalancer
This YAML snippet shows how to set up an ALB or NLB using AWS-specific annotations. Azure customers can specify similar annotations based on their chosen load balancer configuration.
Zeus and IoT Load Balancer Annotations
The Zeus and IoT services require direct TCP connections using an NLB or similar load balancer type that operates at layer 4 of the OSI model. Section 2.2 of this document goes over in more detail how you can use annotations (if desired) to set up these load balancers with your respective cloud controller. Scopear provides customers with a section within values.yaml file for services like Zeus and IoT, where customers can configure load balancer settings via annotations. Here’s an example configuration for Zeus:
zeus:
enabled: true
annotations:
service.beta.kubernetes.io/aws-load-balancer-name: scopear-zeus-k8s-prod
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "eks:cluster-name=k8s-example"
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
service.beta.kubernetes.io/aws-load-balancer-healthcheck-healthy-threshold: '2'
service.beta.kubernetes.io/aws-load-balancer-healthcheck-interval: '10'
service.beta.kubernetes.io/aws-load-balancer-healthcheck-unhealthy-threshold: '2'
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-target-group-attributes: preserve_client_ip.enabled=true
service.beta.kubernetes.io/aws-load-balancer-type: external
external-dns.alpha.kubernetes.io/hostname: zeus.example.com
config:
redis:
host: master.scopear-example.usw2.cache.amazonaws.com
port: 6379
database: 9
use_auth: true
For IoT, the configuration is similar:
iot:
enabled: true
annotations:
service.beta.kubernetes.io/aws-load-balancer-name: scopear-mqtt-k8s-prod
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "eks:cluster-name=k8s-example"
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
service.beta.kubernetes.io/aws-load-balancer-healthcheck-healthy-threshold: '2'
service.beta.kubernetes.io/aws-load-balancer-healthcheck-interval: '10'
service.beta.kubernetes.io/aws-load-balancer-healthcheck-unhealthy-threshold: '2'
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-target-group-attributes: preserve_client_ip.enabled=true
service.beta.kubernetes.io/aws-load-balancer-type: external
external-dns.alpha.kubernetes.io/hostname: mqtt.example.com
port: 9000
ssl_enabled: true
If the annotations section is omitted from the values.yaml, the services will default to type: NodePort. In this case, customers can configure their external load balancers as needed. Please refer to section 2.2 of the document for more info.