Added example for TLS and fixed comments

examples/aws/ingress/README.md

@@ -1,22 +1,19 @@
 # Overview 
 
-This document describes the steps on how to configure the GraphDB helm chart to use ingress on AWS EKS
+This document describes the steps on how to configure the GraphDB Helm chart to use Ingress on AWS EKS.
 
 ## Prerequisites
 
 * EKS Cluster: Ensure you have an EKS cluster up and running.
 * [Installing AWS Load Balancer Controller](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.8/deploy/installation/)
 * [Ingress Setup](https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html)
+* [Ingress Class](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/guide/ingress/ingress_class/)
 * [Exposing kubernetes applications via ingress](https://aws.amazon.com/blogs/containers/exposing-kubernetes-applications-part-1-service-and-ingress-resources/)
 
 ## Example
-* [values.yaml](values.yaml) - Example of how to deploy and expose GraphDB with Ingress.
+
+* [values.yaml](values.yaml) - Example of how to deploy and expose GraphDB with Ingress without SSL enabled.
+* [values_https.yaml](values_https.yaml) - Example of how to deploy and expose GraphDB with Ingress with SSL enabled.
 
 ## Note
 After you deploy and the ingress is created please change the externalUrl value to the DNS name of the ALB or Route53.
-
-
-
-
-
-

examples/aws/ingress/values.yaml

@@ -1,32 +1,14 @@
-# This example shows how to deploy and expose GraphDB with AWS Load Balancer Controller Ingress.
+# This example shows how to deploy and expose GraphDB with AWS Load Balancer Controller Ingress without SSL.
 
 configuration:
-  externalUrl: graphdb-example-dns-name.com # Change this to your ALB DNS name or Route53 if you use it.
-
-service:
-  enabled: true
-  type: NodePort
-  port: 7200
+  externalUrl: http://graphdb-example-dns-name.com/ # Change this to your ALB DNS name or Route53 if you use it.
 
 ingress:
   enabled: true
+  className: "alb"
   annotations:
-    ingressClassName: "alb"
-    alb.ingress.kubernetes.io/load-balancer-name: graphdb-ingress
-    alb.ingress.kubernetes.io/target-type: ip
-    alb.ingress.kubernetes.io/scheme: internet-facing
-    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]'
-    alb.ingress.kubernetes.io/inbound-cidrs: "0.0.0.0/0"
-    alb.ingress.kubernetes.io/backend-protocol: HTTP
-  labels:
-    app: graphdb-0
-  rules:
-    - http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: graphdb
-                port:
-                  number: 7200
+   alb.ingress.kubernetes.io/load-balancer-name: graphdb-ingress
+   alb.ingress.kubernetes.io/target-type: ip
+   alb.ingress.kubernetes.io/scheme: internet-facing
+   alb.ingress.kubernetes.io/inbound-cidrs: "0.0.0.0/0"
+   alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]'

examples/aws/ingress/values_https.yaml

@@ -0,0 +1,17 @@
+# This example shows how to deploy and expose GraphDB with AWS Load Balancer Controller Ingress with SSL enabled.
+
+configuration:
+  externalUrl: https://graphdb-example-dns-name.com/ # Change this to your ALB DNS name or Route53 if you use it.
+
+ingress:
+  enabled: true
+  className: "alb"
+  annotations:
+   alb.ingress.kubernetes.io/load-balancer-name: graphdb-ingress
+   alb.ingress.kubernetes.io/target-type: ip
+   alb.ingress.kubernetes.io/scheme: internet-facing
+   alb.ingress.kubernetes.io/inbound-cidrs: "0.0.0.0/0"
+   alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
+   alb.ingress.kubernetes.io/certificate-arn: "" # ARN of the ACM SSL Certificate that will be used
+   alb.ingress.kubernetes.io/ssl-policy: "ELBSecurityPolicy-TLS13-1-2-2021-06"
+   alb.ingress.kubernetes.io/ssl-redirect: '443'

examples/aws/lb-example/README.md

@@ -1,13 +1,14 @@
 # EKS Load Balancer Type Deployment
 
-# Pre-requisites 
+This folder contains examples of using GraphDB with the AWS Network Load Balancer.
+
+## Pre-requisites 
 
 * EKS Cluster: Ensure you have an EKS cluster up and running.
 * [Installing AWS Load Balancer Controller](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.8/deploy/installation/)
 * [AWS Documentation - Route TCP and UDP traffic with Network Load Balancers](https://docs.aws.amazon.com/eks/latest/userguide/network-load-balancing.html)
 
-This folder contains examples of using GraphDB with the AWS Network Load Balancer.
-
 ## Example
 
-* [values.yaml](values.yaml) - Example of how to deploy and expose GraphDB with Network Load Balancer.
+* [values.yaml](values.yaml) - Example of how to deploy and expose GraphDB with Network Load Balancer without SSL enabled.
+* [values_https.yaml] - Example of how to deploy and expose GraphDB with Network Load Balancer with SSL enabled.

examples/aws/lb-example/values.yaml

@@ -1,16 +1,14 @@
+# This example shows how to deploy and expose GraphDB with Network Load Balancer without SSL enabled.
+
 service:
- enabled: true
- ports:
+  enabled: true
+  ports:
    http: 80
- type: LoadBalancer
- loadBalancerClass: service.k8s.aws/nlb
- annotations:
-  service.beta.kubernetes.io/aws-load-balancer-name: "graphdb-lb"
-  service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "ip"
-  service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
-  service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"  # This ensures the load balancer is internet-facing
-  service.beta.kubernetes.io/load-balancer-source-ranges: "0.0.0.0/0"
-  service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "" # SSL Certificate that will be used
-  service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "" # Ports to be used for the SSL
- metadata:
-  name: graphdb-load-balancer
+  type: LoadBalancer
+  loadBalancerClass: "service.k8s.aws/nlb"
+  annotations:
+   service.beta.kubernetes.io/aws-load-balancer-name: "graphdb-lb"
+   service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "ip"
+   service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
+   service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"  # This ensures the load balancer is internet-facing
+   service.beta.kubernetes.io/load-balancer-source-ranges: "0.0.0.0/0"

examples/aws/lb-example/values_https.yaml

@@ -0,0 +1,17 @@
+# This example shows how to deploy and expose GraphDB with Network Load Balancer with SSL enabled.
+
+service:
+  enabled: true
+  ports:
+   http: 443
+  type: LoadBalancer
+  loadBalancerClass: "service.k8s.aws/nlb"
+  annotations:
+   service.beta.kubernetes.io/aws-load-balancer-name: "graphdb-lb"
+   service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "ip"
+   service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
+   service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"  # This ensures the load balancer is internet-facing
+   service.beta.kubernetes.io/load-balancer-source-ranges: "0.0.0.0/0"
+   service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "" # ARN of the ACM SSL Certificate that will be used
+   service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443" # Ports to be used for the SSL
+   service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy: "ELBSecurityPolicy-TLS13-1-2-2021-06"

examples/aws/service-account/values.yaml

@@ -2,4 +2,4 @@ serviceAccount:
   create: true
   name: graphdb
   annotations:
-    eks.amazonaws.com/role-arn: arn:aws:iam::<AWS_ACCOUNT_ID>:role/eks-service-account-role # Example ARN Role, replace with your actual IAM Role ARN
+    eks.amazonaws.com/role-arn: arn:aws:iam::<AWS_ACCOUNT_ID>:role/eks-service-account-role # Example ARN Role, replace with your actual IAM Role ARN