Networking
This section will provide information on additional networking customizations that you can apply to your Ignition Helm Chart deployment.
Exposing Additional Service Ports​
By default, the Ignition Helm Chart exposes the following TCP ports via the headless ClusterIP service:
http->8088- Ignition Webserver HTTPhttps->8043- Ignition Webserver HTTPSgan->8060- Ignition Gateway Network SSL
You can expose additional ports via the gateway.ports value. For example, to expose MQTTS port 8883/tcp, you can use the following values override:
# testing.yaml
gateway:
ports:
mqtts: 8883
From here, you could then configure something like an IngressRouteTCP resource if you're using Traefik to route TCP traffic to MQTT Distributor in Ignition.
Pod-indexed Service and Ingress​
If you are deploying a scale-out architecture, you'll have a frontend StatefulSet with multiple replicas (via gateway.replicas). While you'd typically want to coordinate distribution of configuration and project resources via EAM or git-sync, you may still need to connect to an individual gateway's web UI.
You can enable pod-indexed services and ingresses to provide specific access to each pod in the StatefulSet.
# testing.yaml
gateway:
replicas: 2
service:
podIndexedServices:
create: true
ingress:
podIndexedIngressRules:
create: true
This will generate a unique Ingress rule in the Ingress resource for each gateway pod, associated with individual Service resources that select their respective pod by pod-index. The hostnames will be suffixed with -0, -1, etc. to match the pod names.
In the example above, for a release named ignition, you'd have the following hostnames:
ignition.localtest.meignition-0.localtest.meignition-1.localtest.me
This feature only works when driven from Helm. If you're scaling the StatefulSet externally, this feature may not be applicable. If you have sufficient access to the K8s API, you can leverage kubectl port-forward to establish ad-hoc connections to individual pods.