Sections in this category

Ingress Examples

Enabling external access to the Kubecost product requires exposing access to port 9090 on the kubecost-cost-analyzer pod. Exposing this endpoint will handle routing to Grafana as well. This can be accomplished with a number of approaches, including Ingress or Service definitions.

The following example definitions use the NGINX Ingress Contoller.

Basic auth example

apiVersion: v1
data:
  auth: YWRtaW46JGFwcjEkZ2tJenJxU2ckMWx3RUpFN1lFcTlzR0FNN1VtR1djMAo= # default is admin:admin -- to be replaced
kind: Secret
metadata:
  name: kubecost-auth
  namespace: kubecost
type: Opaque
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: kubecost-ingress
  namespace: kubecost
  labels:
    app: kubecost
  annotations:
     nginx.ingress.kubernetes.io/auth-type: basic
     nginx.ingress.kubernetes.io/auth-secret: kubecost-auth
     nginx.ingress.kubernetes.io/auth-realm: "Authentication Required - ok"
spec:
  backend:
    serviceName: kubecost-cost-analyzer
    servicePort: 9090

Here is a second basic auth example that uses a Kubernetes Secret.

Non-root path example

Note that when deploying Grafana on a non-root url, you also need to update your grafana.ini to reflect this. More info.

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: kubecost-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/enable-cors: "true"
    # remove path prefix from requests before sending to kubecost-frontend
    nginx.ingress.kubernetes.io/rewrite-target: /$2
    # add trailing slash to requests of index
    nginx.ingress.kubernetes.io/configuration-snippet: |
      rewrite ^(/kubecost)$ $1/ permanent;
spec:
  rules:
  - host: demo.kubecost.io
    http:
      paths:
      # serve kubecost from demo.kubecost.io/kubecost/
      - path: /kubecost(/|$)(.*)
        backend:
          serviceName: kubecost-cost-analyzer # should be configured if another helm name or service address is used 
          servicePort: 9090

ALB Example

Once an AWS Load Balancer Controller is installed, you can use a the following Ingress resource manifest pointed at the kubecost-cost-analyzer service:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  namespace: kubecost # replace if kubecost is installed under another namespace
  name: kubecost-alb-ingress
  annotations:  
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/scheme: internet-facing
spec:
  rules:
    - http:
        paths:
        - path: /
          pathType: Prefix
          backend:
            service:
              name: kubecost-cost-analyzer
              port:
                number: 9090

Edit this doc on Github