Skip to content

Managed K8S Prerequisites

This page details the infrastructure prerequisites required to deploy kdb Insights Enterprise on the Kubernetes container orchestration system.

Managed Kubernetes cluster

kdb Insights Enterprise currently supports the managed Kubernetes offerings below.

  • Amazon EKS version <=1.33

  • Google GKE version <=1.33

  • Microsoft Azure AKS version <=1.33

Cluster Node Pools

The number of node pools required for the cluster depends on the rook-ceph configuration used.

  • Host Storage Cluster

    For rook-ceph with Host Storage Cluster configuration two separate node pools are required. See Host Storage Cluster for more details.

  • PVC Cluster

    For rook-ceph with PVC Cluster configuration a single node pool is sufficient. See PVC Cluster for more details.

Note

The default configuration provided by the Infrastructure as Code example scripts uses a Host Storage Cluster configuration with separate compute and storage node pools.

Ingress Controller

An ingress controller such as F5 Ingress from ingress-nginx or ingress-nginx is required to access the kdb Insights Enterprise dashboards and APIs from outside the cluster.

Note

The ingress controller ingress-nginx has been retired and is no longer maintained. Refer to the Ingress controller change page for more details on how to install the F5 Ingress from ingress-nginx in an existing deployment.

You need a valid SSL certificate for the ingress endpoint to use the Ingress Controller. For details, see how certificates are used in kdb Insights Enterprise.

Certificate Manager

The cert-manager installation is required to add certificates and certificate issuers as resource types in the Kubernetes cluster.

Each deploy of kdb Insights Enterprise will create a namespaced certificate issuer to provide mTLS between microservices.

A ClusterIssuer such as letsencrypt can be used with the Ingress Controller above to provide a certificate for the API endpoints.

Note

Air-gapped deploys: cert-manager requires outbound access to the internet as well as unrestricted inbound HTTP access to the cluster and so cannot be used in an air-gapped environment. Instead, the Ingress Controller should reference a Kubernetes secret that contains a certificate for the API endpoints.

Distributed storage system

The data tier in kdb Insights Enterprise requires a shared filesystem such as Rook Ceph which can be mounted with read/write permission from multiple pods. Choose from one of the supported file systems based on your performance and availability requirements.

Network file systems

kdb Insights Enterprise requires a storage class named sharedfiles to provision shared file storage instances.

DNS record which points to your Kubernetes Ingress

To access your cluster, create a DNS record that resolves to the external IP address of the cluster’s Ingress Controller. For more information, see DNS Setup.,