Optional Configurations - Configuring the Producer Ingress Cluster & Internal Load Balance Creation
Configuring the Producer Ingress Cluster (OPTIONAL)
A pop-up window should appear prompting you to enable the necessary Ingress configuration in the cluster, as shown in the reference image.
Click the "Enable" button to proceed.
This process may take some time as the necessary changes are applied to enable Ingress.
.yaml manifest included in the configuration.Two Ingresses must be created: one named producer-oneconnect and another named apigateway, both within the oneconnect namespace.
In both cases, the Ingress should reference the apigateway service.
The creation steps are the same for both Ingresses.
apigateway and oneconnect.A new Key Vault must be created, as Azure's policy for Ingress requires it as a mandatory component.
Click on the "Select a certificate" option and proceed to create the certificate using the default settings.
In the "Select Certificate" option, make sure to convert the certificate to
.pfx format in order to import it and reference it within the Key Vault.You can now proceed to review the configuration and create the Ingress.
Creating an Internal Load Balancer as a Private Entry Point to OneConnect Services
If the environment is not connected to the internet and the entire deployment is performed internally within Azure, a private entry point must be created for the user portal and optionally for the generated workspaces.
To do this:
Navigate to the "Services and Ingress" section.
Click on "Create", then select "Apply YAML".
Apply the
internal-loadbalancer.yamlmanifest.
This will create a private entry point that will ensure connectivity within the internal environment in Azure.
apigateway, which must be used as the connection endpoint for the frontend of the OneConnect user platform.After the load balancer is created, the IP address shown as "external" is actually the private IP that should be used to establish connections to the cloud services on port 9000.
For example, a valid REST login endpoint would be:
http://10.224.0.222:9000/auth/api/v1/auth/signin
Optional:
If you need to generate a private IP for a workspace and cannot use the cluster IP from the deployment, you can follow the same steps after the workspace has been created, using theinternallb-workspace.yamlmanifest.
Replace the placeholders marked as XXX with the name of the generated workspace.
Copy the value of the "oneconnect" label.
Related Articles
AWS - Creation and Configuration of Service for Producer Pods
Creation and Configuration of Service for Producer Pods This procedure applies only to producer pods that are automatically generated after creating a new workspace in the One Connect platform. The goal is to expose these pods through an internal ...OneConnect - Advanced Configurations for Kubernetes
Advanced Configurations for Kubernetes These configurations are optional and should only be applied if required by the client’s environment. They allow you to control how Kubernetes schedules and distributes pods within the cluster. 1. Tolerations ...SmartGateway - Kubernetes Environment T-Shirt Sizing
Small T-Shirt Size Item Specification Pod Size (Producer & Consumer) 0.25 vCPU – 512 MB RAM Number of Pods (Producer & Consumer) 3 Total Infrastructure Size 4 vCPU / 16 GB RAM Description JSON Size (MB) Orders/ Min MB/ Min Orders/ Hour GB/ Hour Order ...Azure - OneConnect Deployment and Configuration
One Connect Platform: Kubernetes Azure Deployment Manual for Private Network This manual outlines the steps required to deploy the One Connect system on a Kubernetes cluster within a Private Network (meaning the OneConnect Platform will not be ...Onibex Kafka Connector APP - Snowflake Native APP
Onibex Kafka Connector App The Onibex Kafka Connector App is a Snowflake Native Application that provides a fully integrated framework for managing Snowflake connectors in Confluent Cloud directly from Snowflake. It allows users to create, delete, ...