Customize Kubenretes Ingress

Customizing Ingress rules for exchanges on Kubernetes

Once you run HollaEx CLI commands with --kube flag, HollaEx CLI will automatically generate Ingress rules for Kubernetes with a default form. You can check these generated templates under templates/kubernetes/<EXCHANGE_NAME>-ingress.yaml> .

Default Ingress should be similar to the examples down below.

The HollaEx CLI generates Ingress rules which compatible with kubernetes/nginx-ingress.If you are planning to use a different Ingress controller, please customize annotations and detailed values based on your own ones.

Nginx rate limit setups on nginx.ingress.kubernetes.io/configuration-snippet are following pre-defined rate limit zone setups on HollaEx's own Ingress controller.

api : 4r/s

Please reference these values and add them to your own Ingress controller. For example, kubernetes/nginx-ingress support annotation called http-snippet to let users inject code snippets on Nginx.conf.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: demo-hollaex-ingress-api
  namespace: demo-hollaex
  annotations:
    kubernetes.io/ingress.class: "nginx"
    kubernetes.io/tls-acme: "true"
    cert-manager.io/cluster-issuer: letsencrypt-prod
    nginx.ingress.kubernetes.io/proxy-body-size: "6m"
    nginx.ingress.kubernetes.io/server-snippet: |
        location @maintenance_503 {
          internal;
          return 503;
        }
    nginx.ingress.kubernetes.io/configuration-snippet: |
      limit_req zone=api burst=10 nodelay;
      limit_req_log_level notice;
      limit_req_status 429;

      #error_page 403 @maintenance_503;

spec:
  rules:
  - host: api.testnet.demo-hollaex.io
    http:
      paths:
      - pathType: Prefix
        path: /
        backend:
          service:
            name: demo-hollaex-server-api
            port:
              number: 10010
  
  tls:
  - secretName: demo-hollaex-tls-cert
    hosts:
    - api.testnet.demo-hollaex.io
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: demo-hollaex-ingress-plugins
  namespace: demo-hollaex
  annotations:
    kubernetes.io/ingress.class: "nginx"
    kubernetes.io/tls-acme: "true"
    cert-manager.io/cluster-issuer: letsencrypt-prod
    nginx.ingress.kubernetes.io/server-snippet: |
        location @maintenance_503 {
          internal;
          return 503;
        }
    nginx.ingress.kubernetes.io/proxy-body-size: "6m"
    nginx.ingress.kubernetes.io/configuration-snippet: |
      #error_page 403 @maintenance_503;

spec:
  rules:
  - host: api.testnet.demo-hollaex.io
    http:
      paths:
      - pathType: Prefix
        path: /plugins
        backend:
          service:
            name: demo-hollaex-server-plugins
            port:
              number: 10011
    
  
  tls:
  - secretName: demo-hollaex-tls-cert
    hosts:
    - api.testnet.demo-hollaex.io

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: demo-hollaex-ingress-stream
  namespace: demo-hollaex
  annotations:
    kubernetes.io/ingress.class: "nginx"
    kubernetes.io/tls-acme: "true"
    cert-manager.io/cluster-issuer: letsencrypt-prod
    nginx.ingress.kubernetes.io/server-snippet: |
        location @maintenance_503 {
          internal;
          return 503;
        }
    nginx.ingress.kubernetes.io/proxy-body-size: "6m"
    nginx.org/websocket-services: "demo-hollaex-server-stream"
    nginx.ingress.kubernetes.io/upstream-hash-by: "$binary_remote_addr"
    nginx.ingress.kubernetes.io/configuration-snippet: |
      #error_page 403 @maintenance_503;
spec:
  rules:
  - host: api.testnet.demo-hollaex.io
    http:
      paths:
      - pathType: Prefix
        path: /stream
        backend:
          service:
            name: demo-hollaex-server-stream
            port:
              number: 10080
  
  
  tls:
  - secretName: demo-hollaex-tls-cert
    hosts:
    - api.testnet.demo-hollaex.io

Guide for the `nginxinc/kubernetes-ingress` users.

If you are planning to use nginxinc/kubernetes-ingress, certain annotations should be modified as shown below.

If you are planning to use split Ingress rules like the example above, Consider using nginx.org/mergeable-ingress-type.

nginx.ingress.kubernetes.io/proxy-body-size-> nginx.org/client-max-body-size
nginx.ingress.kubernetes.io/configuration-snippet -> nginx.org/location-snippets

PreviousDigitalOcean LB NextExchange Keys

Last updated 2 years ago

Customizing Ingress rules for exchanges on Kubernetes

Guide for the nginxinc/kubernetes-ingress users.

Guide for the `nginxinc/kubernetes-ingress` users.