Infrastructure prerequisites

This section details the infrastructure prerequisites required to deploy kdb Insights Enterprise on the Kubernetes container orchestration system.

Managed Kubernetes cluster

kdb Insights Enterprise currently supports the managed Kubernetes offerings below.

• Amazon EKS
• Google GKE
• Microsoft Azure AKS

Cluster Node Pools

The number of node pools required for the cluster depends on the rook-ceph configuration used.

• Host Storage Cluster

  For rook-ceph with Host Storage Cluster configuration two separate node pools are required. See Host Storage Cluster for more details.

• PVC Cluster

  For rook-ceph with PVC Cluster configuration a single node pool is sufficient. See PVC Cluster for more details.

Note

The default configuration provided by the Infrastructure as Code example scripts uses a Host Storage Cluster configuration with separate compute and storage node pools.

Ingress Controller

An ingress controller such as ingress-nginx is required to access the kdb Insights Enterprise dashboards and APIs from outside the cluster.

In order to use the NGINX Ingress Controller a valid SSL certificate is required for the ingress endpoint. For details on how certificates are used in kdb Insights Enterprise see here.

Certificate Manager

The cert-manager installation is required to add certificates and certificate issuers as resource types in the Kubernetes cluster.

Each deploy of kdb Insights Enterprise will create a namespaced certificate issuer to provide mTLS between microservices.

A ClusterIssuer such as letsencrypt can be used with the NGINX Ingress Controller above to provide a certificate for the API endpoints.

NB air-gapped deploys: cert-manager requires outbound access to the internet as well as unrestricted inbound HTTP access to the cluster and so cannot be used in an air-gapped environment. Instead the NGINX Ingress Controller should reference a Kubernetes secret which contains a certificate for the API endpoints.

Distributed storage system

The data tier in kdb Insights Enterprise requires a shared filesystem such as Rook Ceph which can be mounted with read/write permission from multiple pods. Choose from one of the supported file systems based on your performance and availability requirements.

Network file systems

kdb Insights Enterprise requires a storage class named sharedfiles to provision shared file storage instances.

DNS record which points to your Kubernetes Ingress

In order to access your cluster, a DNS record should be created which resolves to the external IP address of the cluster’s NGINX Ingress Controller. For more information see DNS Setup.