I have difficulty setting up an Ingress with Helm Chart on the cloud.
In the FrontEnd and BackEnd charts values.yaml
:
...
service:
type: LoadBalancer
port: 8000 # 4200 for the FrontEnd
targetPort: 8000 # 4200 for FrontEnd
ingress:
enabled: true
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-origin: "*"
nginx.ingress.kubernetes.io/cors-allow-methods: "PUT, GET, POST, OPTIONS, DELETE"
nginx.ingress.kubernetes.io/cors-allow-headers: "DNT,X-CustomHeader,X-LANG,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-ConSSH / 51970trol,Content-Type,X-Api-Key,X-Device-Id,Access-Control-Allow-Origin"
hosts:
- paths:
- path: /
pathType: ImplementationSpecific
...
The FrontEnd needs to talk to the BackEnd throughout the Ingress.
In the FrontEnd values.yaml, I need to have a value:
BACKEND_URL: XXX.XXX.XXX.XXX:8000
But I don't know the URL of the BackEnd Ingress, or at least, until I deploy the back.
You have two options:
Don't use the ingress but the service DNS name. This way your traffic doesn't even leave the cluster. If your backend service is called api
and deployed in the backend
namespace you can reach it internally using api.backend
. https://kubernetes.io/docs/concepts/services-networking/service/#dns has details about the mechanism.
You reserve the IP on GCP side and pass the IP as a parameter to your helm charts. If you don't, each deletion and recreation of the service will end up on a different IP by GCP. Clients who have a cached DNS response will not be able to use your service until it has expired.
For GCP this snippet from the documentation is correct.
Some cloud providers allow you to specify the
loadBalancerIP
. In those cases, the load-balancer is created with the user-specifiedloadBalancerIP
. If theloadBalancerIP
field is not specified, the loadBalancer is set up with an ephemeral IP address. If you specify aloadBalancerIP
but your cloud provider does not support the feature, theloadbalancerIP
field that you set is ignored.
So get a permanent IP and pass it as loadBalancerIP
to the service.
service:
spec:
type: LoadBalancer
port: 8000 # 4200 for the FrontEnd
targetPort: 8000 # 4200 for FrontEnd
loadBalancerIP: <the Global or Regional IP you got from GCP (depends on the LB)>