Skip to main content

MarkLogic Server on Kubernetes

HAProxy Ingress controller installation

To expose the HAProxy Ingress Controller, set the service type to LoadBalancer:

service:
    enabled: true     # set to false when controller.kind is 'DaemonSet' and 
    controller.daemonset.useHostPorts is true

    type: LoadBalancer    # can be 'ClusterIP', 'NodePort' or 'LoadBalancer'

    ## Service annotations
    ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/
       annotations/
    annotations:
      service.beta.kubernetes.io/aws-load-balancer-type: "external"
      service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "60"
      service.beta.kubernetes.io/aws-load-balancer-name: haproxy-nlb
      service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
      service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
      service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:
      us-west-2:XXXXXXXXXXX:certificate/XXXXX-xxxx-XXXX-XXXX-XXXXxxxXXX
      service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443,8000,8001,8002,
      1024"
      service.beta.kubernetes.io/aws-load-balancer-healthcheck-path: /healthz
      service.beta.kubernetes.io/aws-load-balancer-healthcheck-port: "31042"
      service.beta.kubernetes.io/aws-load-balancer-healthcheck-protocol: http
      service.beta.kubernetes.io/aws-load-balancer-healthcheck-healthy-threshold: 
      "2"
      service.beta.kubernetes.io/aws-load-balancer-healthcheck-unhealthy-threshold: 
      "3"
      service.beta.kubernetes.io/aws-load-balancer-healthcheck-interval: "15"
      service.beta.kubernetes.io/aws-load-balancer-healthcheck-timeout: "5"
Items specified

Code

Description

type : LoadBalancer

Indicates that an external load balancer will be created for the Ingress Controller.
Annotations

Additional annotations are included below. See the full documentation for additional information.

Annotation

Description

service.beta.kubernetes.io/aws-load-balancer-name: haproxy-nlb

Defines the name of the NLB.

service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http

Indicates the SLL offload will be done at the NLB level.

service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-west-2:XXXXXXXXXXX:certificate/XXXX-xxxx-XXXX-XXXX-XXXXxxxXXX

Defines the ARN of the certificate used for SSL configuration.

service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443,8000,8001,8002,1024"

Sets up the ports exposed at the NLB level:

  • Standard HTTP and HTTPS port + MarkLogic standard ports.

  • Port 1024 exposes the HAProxy statistic page.

service.beta.kubernetes.io/aws-load-balancer-healthcheck-port: "31042"

NodePort 31042 exposes the health check port for HAProxy. See the example.

Example

## Controller Container listener port configuration
  ## ref: https://kubernetes.io/docs/concepts/services-networking/connect-
     applications-service/
  containerPort:
    http: 80
    https: 443
    stat: 1024
    ml-odbc: 5432
    healthz: 1042
    ml-query: 8000
    ml-admin: 8001
    ml-manage: 8002
...
   ## Additional tcp ports to expose
    ## This is especially useful for TCP services:
    ## https://github.com/haproxytech/kubernetes-ingress/blob/master/
       documentation/controller.md
    tcpPorts:
      - name: ml-odbc
        port: 5432
        targetPort: 5432
        nodePort: 31032
      - name: healthz
        port: 1042
        targetPort: 1042
        nodePort: 31042
      - name: ml-query
        port: 8000
        targetPort: 8000
        nodePort: 31800
      - name: ml-admin
        port: 8001
        targetPort: 8001
        nodePort: 31801
      - name: ml-manage
        port: 8002
        targetPort: 8002
        nodePort: 31802

The health check port 1042 at HAProxy is being exposed using NodePort 31042. The health check is the default port used for the readiness/liveness and startup probe.

In this section: