Moved from GitHub charts/13
Posted by orange-oranje:
Ratel is mainly used for access through http from the external world
The apps mostly use the alpha to communicate with Dgraph
I can pick this up, just wanted to know thoughts from someone who knows better
orange-oranje commented :
If ratel is exposed outside using an ingress should the alpha be exposed as well through an ingress ?
encryptblockr commented :
honestly i don’t understand who makes helm-charts and not have a way to expose endpoints so ppl can access outside the kubernetes cluster…like just can’t understand why
appreciate help with creating helm charts for this but it is almost useless to use…where is use case to access this dgraph outside the cluster? where is ingress? just frustrating that many projects all over the place but only a few actually provide real help
the single instance dev using kubectl has the ingress but for some reason they too smart to think no one will need ingress with helm charts
The latest helm chart dgraph-0.0.7 provides endpoints with:
LoadBalancer and we added support for service annotations needed for things like external DNS and load balancer configurations80 or 443. We tested this on ingress-nginx (gke, eks), aws-alb-ingress-controller, and gce
For security best practices with backend databases, I recommend not exposing alpha endpoint to public internet unless restricted to a limited list of IP addresses.
As an alternative, you can use annotations available for either an ingress or a loadbalancer (dependent on provider for external LoadBalancer or ingress controller options) to use an internal private IP for an endpoint. Then you would use either a bastion jump host (ssh) or VPN to connect to internal private network to access the private endpoint.