For installation instructions, refer to VPC Deployment Installation. The following sections provide examples of VPC deployments.

Example of GCP ingress

surface:
  ingress:
    enabled: true
    host: validio.example.com
    managedCert: true
    annotations:
      kubernetes.io/ingress.allow-http: "false"
      kubernetes.io/ingress.class: gce

This example creates a Kubernetes Ingress resource and a ManagedCertificate resource, with the specified hostname. Make sure that the created DNS A record points to the IP address of the load balancer. Without a DNS A record, the certificate is not created and the Kubernetes Ingress won’t work.

Use the following command to verify the IP address of the load balance:

kubectl -n validio get ingress validio-surface -o 
jsonpath='{.status.loadBalancer.ingress[0].ip}'

Example of AWS ingress

surface:
  ingress:
    enabled: true
    host: validio.example.com
    annotations:
      alb.ingress.kubernetes.io/certificate-arn: <ARN of certificate>
      alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
      alb.ingress.kubernetes.io/scheme: internet-facing
      alb.ingress.kubernetes.io/success-codes: 200,302
      alb.ingress.kubernetes.io/target-type: ip
      kubernetes.io/ingress.class: alb

This requires the AWS Load Balancer Controller Add-On. This example creates a Kubernetes Ingress resource with the specified hostname. You must first create a certificate with AWS Certificate Manager as specified in the annotations part. Then, use the Alias option to create a DNS A record that points to the endpoint of the load balancer.

Use the following command to verify the endpoint of the load balancer:

kubectl -n validio get ingress validio-surface -o 
jsonpath='{.status.loadBalancer.ingress[0].hostname}'

Example of Azure ingress

surface:
  ingress:
    enabled: true
    host: validio.example.com
    annotations:
      cert-manager.io/acme-challenge-type: http01
      cert-manager.io/cluster-issuer: letsencrypt
    ingressClassName: webapprouting.kubernetes.azure.com
    tls:
      enabled: true

This requires the AKS Application routing add-on with a workin external-dns setup and cert-manager for TLS . This example creates a Kubernetes Ingress resource with the specified hostname using TLS.

Example of Nginx Ingress

Configuring an Nginx Ingress can be done in a few different ways, here we will show just the basic options needed. For your environment you might need to add specific annotations local to your Kubernetes installation.

surface:
  ingress:
    enabled: true
    host: validio.example.com

Example of default memory and cpu resources set

🚧
Caution
Below is an example configuration using the above suggested resource configuration and some other sensible values. The YAML key surface.ingressbelow are GCP, AWS or Azure specific, please refer to examples above. Validio will provide customer specific configuration when applicable

meilisearch:
  resources:
    limits:
      memory: 1000Mi
    requests:
      cpu: 200m
  storage:
    capacity: 10Gi
    class: managed-premium
postgres:
  resources:
    limits:
      memory: 4000Mi
    requests:
      cpu: 200m
  storage:
    capacity: 50Gi
    class: managed-premium
redis:
  resources:
    limits:
      memory: 500Mi
    requests:
      cpu: 200m
  storage:
    capacity: 20Gi
    class: managed-premium
seastar:
  resources:
    limits:
      memory: 1000Mi
    requests:
      cpu: 200m
surface:
  ingress:
    enabled: true
    host: example.validio.io
  resources:
    limits:
      memory: 1000Mi
    requests:
      cpu: 200m
  service:
    type: ClusterIP
ve:
  diver:
    resources:
      limits:
        memory: 500Mi
      requests:
        cpu: 200m
  ingress:
    cache:
      size: 10G
    resources:
      limits:
        memory: 1000Mi
      requests:
        cpu: 200m
  pipelines:
    cache:
      size: 10G
    resources:
      limits:
        memory: 1000Mi
      requests:
        cpu: 200m