Optional Configurations - Configuring the Producer Ingress Cluster & Internal Load Balance Creation
Configuring the Producer Ingress Cluster (OPTIONAL)
A pop-up window should appear prompting you to enable the necessary Ingress configuration in the cluster, as shown in the reference image.
Click the "Enable" button to proceed.
This process may take some time as the necessary changes are applied to enable Ingress.
.yaml manifest included in the configuration.Two Ingresses must be created: one named producer-oneconnect and another named apigateway, both within the oneconnect namespace.
In both cases, the Ingress should reference the apigateway service.
The creation steps are the same for both Ingresses.
apigateway and oneconnect.A new Key Vault must be created, as Azure's policy for Ingress requires it as a mandatory component.
Click on the "Select a certificate" option and proceed to create the certificate using the default settings.
In the "Select Certificate" option, make sure to convert the certificate to
.pfx format in order to import it and reference it within the Key Vault.You can now proceed to review the configuration and create the Ingress.
Creating an Internal Load Balancer as a Private Entry Point to OneConnect Services
If the environment is not connected to the internet and the entire deployment is performed internally within Azure, a private entry point must be created for the user portal and optionally for the generated workspaces.
To do this:
Navigate to the "Services and Ingress" section.
Click on "Create", then select "Apply YAML".
Apply the
internal-loadbalancer.yamlmanifest.
This will create a private entry point that will ensure connectivity within the internal environment in Azure.
apigateway, which must be used as the connection endpoint for the frontend of the OneConnect user platform.After the load balancer is created, the IP address shown as "external" is actually the private IP that should be used to establish connections to the cloud services on port 9000.
For example, a valid REST login endpoint would be:
http://10.224.0.222:9000/auth/api/v1/auth/signin
Optional:
If you need to generate a private IP for a workspace and cannot use the cluster IP from the deployment, you can follow the same steps after the workspace has been created, using theinternallb-workspace.yamlmanifest.
Replace the placeholders marked as XXX with the name of the generated workspace.
Copy the value of the "oneconnect" label.
Related Articles
OneConnect Deployment and Configuration
One Connect Platform: Kubernetes Azure Deployment Manual for Private Network This manual outlines the steps required to deploy the One Connect system on a Kubernetes cluster within a Private Network (meaning the OneConnect Platform will not be ...EKS EC2 Deployment Manual with Terraform
This manual provides step-by-step instructions for deploying an Amazon EKS (Elastic Kubernetes Service) cluster using Terraform. It includes the configuration of essential components such as AWS credentials, infrastructure provisioning, EBS CSI ...Performance Between Snowflake Connector vs Onibex Connector
Onibex Connector vs Snowflake Native Performance Analysis and Comparison Study Onibex Connector: Up to 35% Performance Improvement Optimized for high-throughput data ingestion into Snowflake Executive Summary This comprehensive performance analysis ...Onibex Snowflake Iceberg Sink Connector for Confluent Platform and Cloud
Snowflake Connector Setup Guide (JSON, No Primary Key Configuration for Confluent Cloud) Prerequisites Before setting up the Snowflake connector, gather the following information: 1. API Key - Your Confluent Cloud API key. You can create your Kafka ...Onibex Snowflake Sink Connector Benefits
The Onibex Snowflake Sink Connector enables real-time data ingestion from Confluent Platform and Confluent Cloud into topic-based subscription tables in Snowflake. It supports idempotent writes through elevator logic and allows for automatic table ...