Kubernetes Networking configuration

info

Note: For Helm chart installation, NFS, storage setup, and production database recommendations, see Helm Chart Configuration & Dependencies.

Third-party networking

Kubernetes network policies, ingress controllers, DNS, TLS termination, and load balancers are infrastructure that you operate. Exivity documents the traffic requirements for the application, but you are responsible for operating and supporting the third-party networking products you choose.

Network Policy

For the technical side of the implementation, read the Kubernetes network policy docs.

Intra Namespace Networking

Within a single deployment of Exivity, many services require access to other services to operate. All of the required connectivity is provisioned automatically when using the default installation using helm.

When using external services, e.g. a self-managed database, you must provide the required policies yourself.

External Connectivity

Ingress

The number of Exivity services that require ingress from services outside the deployment itself is limited to the following;

Glass, the GUI
Proximity, the API service

Egress

The number of Exivity services that require egress to endpoints outside the deployment itself is limited to the following;

Proximity, to connect to auth related endpoints
USE, which scrapes usage data for the application
Pigeon, used to message users about various event through the notification engine

Kubernetes Networking configuration

Network Policy​

Intra Namespace Networking​

External Connectivity​

Ingress​

Egress​

Network Policy

Intra Namespace Networking

External Connectivity

Ingress

Egress