Configure Cloud-Specific Helm Values
Ingress Internal Service Annotations
Ingress internal service is disabled by default. If enabled, then the internal service annotation requires cloud-specific values.
Include the following configuration in the custom_values.yaml.
GCP
The internal ingress service needs to be annotated with Google’s load balancer. Include the following configuration in the custom_values.yaml.
ingress-nginx:
controller:
service:
internal:
annotations:
networking.gke.io/load-balancer-type: "Internal"
cloud.google.com/load-balancer-type: "Internal"AWS
The internal ingress service needs to be annotated with AWS’s load balancer. Include the following configuration in the custom_values.yaml.
ingress-nginx:
controller:
service:
internal:
annotations:
service.beta.kubernetes.io/aws-load-balancer-internal: "true"Azure
To have the Kloudfuse available on public endpoint, please create a public IP address in the same resource group as the AKS cluster. Also add inbound security rules for HTTP & HTTPS as required.
The internal ingress service needs to be annotated with Azure's load balancer.
ingress-nginx:
controller:
service:
loadBalancerIP: "<<PUBLIC IP ADDRES>>"
externalTrafficPolicy: "Local"
internal:
annotations:
service.beta.kubernetes.io/azure-load-balancer-internal: "true"
kfuse-observability-agent:
datadog:
datadog:
kubelet:
tlsVerify: falseKfuse Observability Agent Configuration
On Azure, TLS verification of the observability agent needs to be disabled. Add the following configuration in the custom_values.yaml.