Expose Services via LoadBalancer¶
This section describes how to expose individual Privacera Platform services using the Kubernetes LoadBalancer
service type. This method is applicable only for Ingress-based deployments on AWS EKS
. By default, Privacera services are accessed through Ingress; however, in certain cases, you may need to expose specific services directly to the external network using a Load Balancer.
Prerequisites¶
- This feature is supported only for Ingress-based Privacera Manager deployments.
- Ensure that your Kubernetes cluster supports provisioning external LoadBalancers (e.g., via AWS ELB, Azure LoadBalancer, etc.).
- You must manually configure DNS for the LoadBalancer endpoints (e.g., create A or CNAME records) and handle any additional setup required for external access (e.g., firewall rules, IAM permissions).
Configuration Steps¶
To expose one or more services using a LoadBalancer, follow the steps below:
-
Copy the LoadBalancer sample file
-
Enable LoadBalancer for specific services
Edit the file
config/custom-vars/vars.kubernetes.external.lb.yml
and uncomment the lines corresponding to the services you want to expose. -
Redeploy Privacera Manager
This will redeploy the Privacera Services with updated configurations. The specified services will be recreated as Kubernetes services of type
LoadBalancer
. -
Update DNS Records
Once deployment completes, Kubernetes will assign external endpoints (IP or hostname) to the LoadBalancer services.
You must manually create DNS records to map the required hostnames to these new LoadBalancer addresses.
Note: You can find the LoadBalancer endpoints using:
Bash | |
---|---|
Example Output:
Text Only | |
---|---|
Update your DNS provider with this address to route traffic appropriately.
- Previous: Advanced Configuration