Skip to content

High Availability Considerations (NGINX-based Ingress controller)

This article provides configuration recommendations for the Wallarm Ingress controller to be highly available and prevented from downtimes.

Other recommendations

Wallarm’s version of the Kubernetes Ingress controller is based on the community-supported NGINX Ingress controller for Kubernetes, so the majority of recommendations found in the official Ingress controller documentation and on the public Internet are also applicable to Wallarm’s Ingress controller.

Recommended reading:

Configuration recommendations

The following recommendations are relevant for missing-critical (production) environments.

  • Use more than one Ingress controller pod instances. The behavior is controlled using the attribute controller.replicaCount in the values.yaml file. For example:

    controller:
      replicaCount: 2
    

  • Force the Kubernetes cluster to place Ingress controller pods on different nodes: this will increase the Ingress service's resilience in case of a node failure. This behavior is controlled using the Kubernetes pod anti-affinity feature, which is configured in the values.yaml file. For example:

    controller:
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchExpressions:
                - key: app
                  operator: In
                  values:
                  - nginx-ingress
            topologyKey: "kubernetes.io/hostname"
    

  • In clusters that are subject to unexpected traffic spikes or other conditions that may justify the use of Kubernetes's horizontal pod autoscaling (HPA) feature it can enabled in the values.yaml file using the following example:

    controller:
      autoscaling:
        enabled: true
        minReplicas: 1
        maxReplicas: 11
        targetCPUUtilizationPercentage: 50
        targetMemoryUtilizationPercentage: 50
    

  • Run at least two instances of Wallarm's postanalytics service based on the Tarantool database. These pods include ingress-controller-wallarm-tarantool in the name. The behavior is controlled in the file values.yaml using the attribute controller.wallarm.tarantool.replicaCount. For example:

    controller:
      wallarm:
        tarantool:
          replicaCount: 2
    

Configuration procedure

To set listed configurations, it is recommended to use the option --set of the commands helm install and helm upgrade, for example:

helm install --set controller.replicaCount=2 <INGRESS_CONTROLLER_RELEASE_NAME> wallarm/wallarm-ingress -n <KUBERNETES_NAMESPACE>

There are also other parameters required for correct Ingress controller installation. Please pass them in the --set option too.

helm upgrade --reuse-values --set controller.replicaCount=2 <INGRESS_CONTROLLER_RELEASE_NAME> wallarm/wallarm-ingress -n <KUBERNETES_NAMESPACE>