Ingress rules for Kubernetes

Customizing Ingress rules for exchanges on Kubernetes

Once you run HollaEx CLI commands with --kube flag, HollaEx CLI would automatically generate Ingress rules for Kubernetes with default form. You can check these generated templates under templates/kubernetes/<EXCHANGE_NAME>-ingress.yaml> .

Default Ingress should be similar to the examples down below.

HollaEx CLI generates Ingress rules which compatible with kubernetes/nginx-ingress.If you are planning to use a different Ingress controller, please customize annotations and detailed values based on your own ones.

Nginx rate limit setups on nginx.ingress.kubernetes.io/configuration-snippet are following pre-defined rate limit zone setups on bitHolla's own Ingress controller.

  • api : 4r/s

Please reference these values and add it on your own Ingress controller. For example, kubernetes/nginx-ingress support annotation called http-snippet to let user inject code snippets on Nginx.conf.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: hollaex-ingress-api
namespace: hollaex
annotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/tls-acme: "true"
certmanager.k8s.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/proxy-body-size: "2m"
nginx.ingress.kubernetes.io/configuration-snippet: |
limit_req zone=api burst=10 nodelay;
limit_req_log_level notice;
limit_req_status 429;
spec:
rules:
- host: api.demo.bitholla.com
http:
paths:
- path: /v1
backend:
serviceName: hollaex-server-api
servicePort: 10010
tls:
- secretName: hollaex-tls-cert
hosts:
- api.demo.bitholla.com
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: hollaex-ingress-api-order
namespace: hollaex
annotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/tls-acme: "true"
certmanager.k8s.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/proxy-body-size: "2m"
nginx.ingress.kubernetes.io/configuration-snippet: |
limit_req zone=api burst=10 nodelay;
limit_req_log_level notice;
limit_req_status 429;
spec:
rules:
- host: api.demo.bitholla.com
http:
paths:
- path: /v1/order
backend:
serviceName: hollaex-server-api
servicePort: 10010
tls:
- secretName: hollaex-tls-cert
hosts:
- api.demo.bitholla.com
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: hollaex-ingress-api-admin
namespace: hollaex
annotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/tls-acme: "true"
certmanager.k8s.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/proxy-body-size: "2m"
spec:
rules:
- host: api.demo.bitholla.com
http:
paths:
- path: /v1/admin
backend:
serviceName: hollaex-server-api
servicePort: 10010
tls:
- secretName: hollaex-tls-cert
hosts:
- api.demo.bitholla.com
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: hollaex-ingress-stream
namespace: hollaex
annotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/tls-acme: "true"
certmanager.k8s.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/proxy-body-size: "2m"
nginx.org/websocket-services: "hollaex-server-stream"
spec:
rules:
- host: api.demo.bitholla.com
http:
paths:
- path: /socket.io
backend:
serviceName: hollaex-server-stream
servicePort: 10080
tls:
- secretName: hollaex-tls-cert
hosts:
- api.demo.bitholla.com

For example, if you are planning to use nginxinc/kubernetes-ingress, certain annotations should be modified as shown below.

If you are planning to use splitted Ingress rules like the example up above, Consider using nginx.org/mergeable-ingress-type.

  • nginx.ingress.kubernetes.io/proxy-body-size-> nginx.org/client-max-body-size

  • nginx.ingress.kubernetes.io/configuration-snippet -> nginx.org/location-snippets